editendentity.jsp

一套JAVA的CA证书签发系统.

<html> 
<%@page contentType="text/html"%>
<%@page  errorPage="/errorpage.jsp" import="java.util.*, se.anatom.ejbca.webdist.webconfiguration.EjbcaWebBean,se.anatom.ejbca.ra.raadmin.GlobalConfiguration, se.anatom.ejbca.webdist.rainterface.UserView,
                 se.anatom.ejbca.webdist.rainterface.RAInterfaceBean, se.anatom.ejbca.webdist.rainterface.EndEntityProfileDataHandler, se.anatom.ejbca.ra.raadmin.EndEntityProfile, se.anatom.ejbca.ra.UserDataRemote,
                 javax.ejb.CreateException, java.rmi.RemoteException, se.anatom.ejbca.authorization.AuthorizationDeniedException, se.anatom.ejbca.ra.raadmin.DNFieldExtractor, se.anatom.ejbca.ra.UserAdminData,
                 se.anatom.ejbca.webdist.hardtokeninterface.HardTokenInterfaceBean, se.anatom.ejbca.hardtoken.HardTokenIssuer, se.anatom.ejbca.hardtoken.HardTokenIssuerData, 
                 se.anatom.ejbca.SecConst, se.anatom.ejbca.util.StringTools" %>
<jsp:useBean id="ejbcawebbean" scope="session" class="se.anatom.ejbca.webdist.webconfiguration.EjbcaWebBean" />
<jsp:useBean id="rabean" scope="session" class="se.anatom.ejbca.webdist.rainterface.RAInterfaceBean" />
<jsp:useBean id="tokenbean" scope="session" class="se.anatom.ejbca.webdist.hardtokeninterface.HardTokenInterfaceBean" />
<%! // Declarations


  static final String ACTION                   = "action";
  static final String ACTION_EDITUSER          = "edituser";
  static final String ACTION_CHANGEPROFILE     = "changeprofile";

  static final String BUTTON_SAVE             = "buttonedituser"; 
  static final String BUTTON_CLOSE            = "buttonclose"; 


  static final String TEXTFIELD_PASSWORD          = "textfieldpassword";
  static final String TEXTFIELD_CONFIRMPASSWORD   = "textfieldconfirmpassword";
  static final String TEXTFIELD_SUBJECTDN         = "textfieldsubjectdn";
  static final String TEXTFIELD_SUBJECTALTNAME    = "textfieldsubjectaltname";
  static final String TEXTFIELD_EMAIL             = "textfieldemail";
  static final String TEXTFIELD_EMAILDOMAIN       = "textfieldemaildomain";

  static final String SELECT_ENDENTITYPROFILE     = "selectendentityprofile";
  static final String SELECT_CERTIFICATEPROFILE   = "selectcertificateprofile";
  static final String SELECT_TOKEN                = "selecttoken";
  static final String SELECT_USERNAME             = "selectusername";
  static final String SELECT_PASSWORD             = "selectpassword";
  static final String SELECT_CONFIRMPASSWORD      = "selectconfirmpassword";
  static final String SELECT_SUBJECTDN            = "selectsubjectdn";
  static final String SELECT_SUBJECTALTNAME       = "selectsubjectaltname";
  static final String SELECT_EMAILDOMAIN          = "selectemaildomain";
  static final String SELECT_HARDTOKENISSUER      = "selecthardtokenissuer";
  static final String SELECT_CHANGE_STATUS        = "selectchangestatus"; 
  static final String SELECT_CA                   = "selectca";

  static final String CHECKBOX_CLEARTEXTPASSWORD          = "checkboxcleartextpassword";
  static final String CHECKBOX_SUBJECTDN                  = "checkboxsubjectdn";
  static final String CHECKBOX_SUBJECTALTNAME             = "checkboxsubjectaltname";
  static final String CHECKBOX_ADMINISTRATOR              = "checkboxadministrator";
  static final String CHECKBOX_KEYRECOVERABLE             = "checkboxkeyrecoverable";
  static final String CHECKBOX_SENDNOTIFICATION           = "checkboxsendnotification";

  static final String CHECKBOX_REGENERATEPASSWD           = "checkboxregeneratepasswd";

  static final String CHECKBOX_REQUIRED_USERNAME          = "checkboxrequiredusername";
  static final String CHECKBOX_REQUIRED_PASSWORD          = "checkboxrequiredpassword";
  static final String CHECKBOX_REQUIRED_CLEARTEXTPASSWORD = "checkboxrequiredcleartextpassword";
  static final String CHECKBOX_REQUIRED_SUBJECTDN         = "checkboxrequiredsubjectdn";
  static final String CHECKBOX_REQUIRED_SUBJECTALTNAME    = "checkboxrequiredsubjectaltname";
  static final String CHECKBOX_REQUIRED_EMAIL             = "checkboxrequiredemail";
  static final String CHECKBOX_REQUIRED_ADMINISTRATOR     = "checkboxrequiredadministrator";
  static final String CHECKBOX_REQUIRED_KEYRECOVERABLE    = "checkboxrequiredkeyrecoverable";

  static final String CHECKBOX_VALUE             = "true";

  static final String USER_PARAMETER           = "username";
  static final String SUBJECTDN_PARAMETER      = "subjectdnparameter";

  static final String HIDDEN_USERNAME           = "hiddenusername";
  static final String HIDDEN_PROFILE            = "hiddenprofile";

%><%
  // Initialize environment.
  GlobalConfiguration globalconfiguration = ejbcawebbean.initialize(request,"/ra_functionality/edit_end_entity"); 
                                            rabean.initialize(request, ejbcawebbean);
                                            if(globalconfiguration.getIssueHardwareTokens())
                                              tokenbean.initialize(request, ejbcawebbean);

  String[] subjectfieldtexts = {"","","", "OLDEMAILDN2", "UID", "COMMONNAME", "SERIALNUMBER1", 
                                "GIVENNAME2", "INITIALS", "SURNAME","TITLE","ORGANIZATIONUNIT","ORGANIZATION",
                                "LOCALE","STATE","DOMAINCOMPONENT","COUNTRY",
                                "RFC822NAME", "DNSNAME", "IPADDRESS", "OTHERNAME", "UNIFORMRESOURCEID", "X400ADDRESS", "DIRECTORYNAME",
                                "EDIPARTNAME", "REGISTEREDID","","","","","","","","","","","UPN", "","","UNSTRUCTUREDADDRESS", "UNSTRUCTUREDNAME","GUID"};

  String THIS_FILENAME             =  globalconfiguration.getRaPath()  + "/editendentity.jsp";
  String username                  = null;
  EndEntityProfile  profile        = null; 
  UserView userdata                = null;
  int profileid                    = UserAdminData.NO_ENDENTITYPROFILE;  
  int[] fielddata                  = null;

  boolean userchanged              = false;
  boolean nouserparameter          = true;
  boolean notauthorized            = true;
  boolean endentitysaved           = false;
  boolean usehardtokenissuers      = false;
  boolean usekeyrecovery           = false;
  
  boolean issuperadministrator     = false;
  try{
    issuperadministrator = ejbcawebbean.isAuthorizedNoLog("/super_administrator");
  }catch(se.anatom.ejbca.authorization.AuthorizationDeniedException ade){}   

  HashMap caidtonamemap = ejbcawebbean.getInformationMemory().getCAIdToNameMap();

  if( request.getParameter(USER_PARAMETER) != null ){
    username = java.net.URLDecoder.decode(request.getParameter(USER_PARAMETER),"UTF-8");
    try{
      userdata = rabean.findUserForEdit(username);
      if(userdata != null){
        notauthorized = false;
        profileid=userdata.getEndEntityProfileId();
        if(!issuperadministrator && profileid == SecConst.EMPTY_ENDENTITYPROFILE)
          profile = null;
        else   
          profile = rabean.getEndEntityProfile(profileid);

        if( request.getParameter(ACTION) != null){
          if( request.getParameter(ACTION).equals(ACTION_EDITUSER)){
            if( request.getParameter(BUTTON_SAVE) != null ){
              UserView newuser = new UserView(caidtonamemap);

             newuser.setEndEntityProfileId(profileid);
             newuser.setUsername(username);


             String value = request.getParameter(TEXTFIELD_PASSWORD);
             if(value !=null){
               value=value.trim(); 
               if(!value.equals("")){
                 newuser.setPassword(value);         
               }
             }
             
             value = request.getParameter(CHECKBOX_REGENERATEPASSWD);
             if(value !=null){
               if(value.equals(CHECKBOX_VALUE)){
                 newuser.setPassword("NEWPASSWORD");          
               }
               else{
                   newuser.setPassword(null);
               }
             }

             value = request.getParameter(SELECT_PASSWORD);
             if(value !=null){
               if(!value.equals("")){
                 newuser.setPassword(value);
               }
             } 

             value = request.getParameter(CHECKBOX_CLEARTEXTPASSWORD);
             if(value !=null){
               if(value.equals(CHECKBOX_VALUE)){
                 newuser.setClearTextPassword(true);          
               }
               else{
                   newuser.setClearTextPassword(false);
               }
             }

             value = request.getParameter(TEXTFIELD_EMAIL);
             if(value !=null){
               value=value.trim(); 
               if(!value.equals("")){
                 String emaildomain = request.getParameter(TEXTFIELD_EMAILDOMAIN);
                 if(emaildomain !=null){
                   emaildomain=emaildomain.trim(); 
                   if(!emaildomain.equals("")){
                     newuser.setEmail(value + "@" + emaildomain);            
                   }
                 }

                 emaildomain = request.getParameter(SELECT_EMAILDOMAIN);
                 if(emaildomain !=null){
                   if(!emaildomain.equals("")){
                     newuser.setEmail(value + "@" + emaildomain);                   
                   }
                 }
               }
             }

               String subjectdn = "";
               int numberofsubjectdnfields = profile.getSubjectDNFieldOrderLength();
               for(int i=0; i < numberofsubjectdnfields; i++){
                 value=null;
                 fielddata = profile.getSubjectDNFieldsInOrder(i); 
                 if(fielddata[EndEntityProfile.FIELDTYPE] != EndEntityProfile.OLDDNE)
                   value = request.getParameter(TEXTFIELD_SUBJECTDN+i);
                 else{
                   if(request.getParameter(CHECKBOX_SUBJECTDN+i)!=null)
                     if(request.getParameter(CHECKBOX_SUBJECTDN+i).equals(CHECKBOX_VALUE))
                       value = newuser.getEmail();
                 }
                 if(value !=null){
                   value= value.trim(); 
                   if(!value.equals("")){
                     value = org.ietf.ldap.LDAPDN.escapeRDN(DNFieldExtractor.SUBJECTDNFIELDS[profile.profileFieldIdToUserFieldIdMapper(fielddata[EndEntityProfile.FIELDTYPE])] +value);
                     if(subjectdn.equals(""))
                       subjectdn = value;
                     else
                       subjectdn += ", " + value;
                   }
                 }
                 value = request.getParameter(SELECT_SUBJECTDN+i);
                 if(value !=null){                   
                   if(!value.equals("")){
                     value = org.ietf.ldap.LDAPDN.escapeRDN(DNFieldExtractor.SUBJECTDNFIELDS[profile.profileFieldIdToUserFieldIdMapper(fielddata[EndEntityProfile.FIELDTYPE])] +value);
                     if(subjectdn.equals(""))
                       subjectdn = value;
                     else
                       subjectdn += ", "  +value;
                    }
                 } 
               }               

               newuser.setSubjectDN(subjectdn);

               String subjectaltname = "";
               int numberofsubjectaltnamefields = profile.getSubjectAltNameFieldOrderLength();
               for(int i=0; i < numberofsubjectaltnamefields; i++){
                 fielddata = profile.getSubjectAltNameFieldsInOrder(i); 

                 if(fielddata[EndEntityProfile.FIELDTYPE] != EndEntityProfile.RFC822NAME)
                   value = request.getParameter(TEXTFIELD_SUBJECTALTNAME+i);
                 else{
                   value=null;
                   if(request.getParameter(CHECKBOX_SUBJECTALTNAME+i)!=null)
                     if(request.getParameter(CHECKBOX_SUBJECTALTNAME+i).equals(CHECKBOX_VALUE))
                       value = newuser.getEmail();
                 }
                 if(value !=null){                
                   if(!value.equals("")){
                     value = org.ietf.ldap.LDAPDN.escapeRDN(DNFieldExtractor.SUBJECTALTNAME[profile.profileFieldIdToUserFieldIdMapper(fielddata[EndEntityProfile.FIELDTYPE]) - DNFieldExtractor.SUBJECTALTERNATIVENAMEBOUNDRARY] +value);  
                     if(subjectaltname.equals(""))
                       subjectaltname = value;
                     else
                       subjectaltname += ", " + value;   
                   }
                 }
                 value = request.getParameter(SELECT_SUBJECTALTNAME+i);
                 if(value !=null){
                   value = org.ietf.ldap.LDAPDN.escapeRDN(DNFieldExtractor.SUBJECTALTNAME[profile.profileFieldIdToUserFieldIdMapper(fielddata[EndEntityProfile.FIELDTYPE]) - DNFieldExtractor.SUBJECTALTERNATIVENAMEBOUNDRARY] +value);
                   if(!value.equals("")){
                     if(subjectaltname.equals(""))
                       subjectaltname = value;
                     else
                       subjectaltname += ", " + value;
                   }
                 }
               }
               
               newuser.setSubjectAltName(subjectaltname);


               value = request.getParameter(CHECKBOX_ADMINISTRATOR);
               if(value !=null){
                 if(value.equals(CHECKBOX_VALUE)){
                   newuser.setAdministrator(true);   
                 }
                 else{
                   newuser.setAdministrator(false);  
                 }
               }
               value = request.getParameter(CHECKBOX_KEYRECOVERABLE);
               if(value !=null){
                 if(value.equals(CHECKBOX_VALUE)){
                   newuser.setKeyRecoverable(true);                  
                 }
                 else{
                   newuser.setKeyRecoverable(false);         
                 }
               }   
               value = request.getParameter(CHECKBOX_SENDNOTIFICATION);
               if(value !=null){
                 if(value.equals(CHECKBOX_VALUE)){
                   newuser.setSendNotification(true);                  
                 }
                 else{
                   newuser.setSendNotification(false);         
                 }
               }   

               value = request.getParameter(SELECT_CERTIFICATEPROFILE);
               newuser.setCertificateProfileId(Integer.parseInt(value));   
 
               value = request.getParameter(SELECT_CA);
               newuser.setCAId(Integer.parseInt(value)); 

               value = request.getParameter(SELECT_TOKEN);
               int tokentype = Integer.parseInt(value); 
               newuser.setTokenType(Integer.parseInt(value));