addendentity.jsp

一套JAVA的CA证书签发系统.

<html> 
<%@page contentType="text/html"%>
<%@page  errorPage="/errorpage.jsp" import="java.util.*, se.anatom.ejbca.webdist.webconfiguration.EjbcaWebBean,se.anatom.ejbca.ra.raadmin.GlobalConfiguration, se.anatom.ejbca.webdist.rainterface.UserView,
                 se.anatom.ejbca.webdist.rainterface.RAInterfaceBean, se.anatom.ejbca.webdist.rainterface.EndEntityProfileDataHandler, se.anatom.ejbca.ra.raadmin.EndEntityProfile, se.anatom.ejbca.ra.UserDataRemote,
                 javax.ejb.CreateException, java.rmi.RemoteException, se.anatom.ejbca.ra.raadmin.DNFieldExtractor, se.anatom.ejbca.ra.UserAdminData, se.anatom.ejbca.webdist.hardtokeninterface.HardTokenInterfaceBean, 
                 se.anatom.ejbca.hardtoken.HardTokenIssuer, se.anatom.ejbca.hardtoken.HardTokenIssuerData,   se.anatom.ejbca.SecConst, se.anatom.ejbca.util.StringTools" %>
<jsp:useBean id="ejbcawebbean" scope="session" class="se.anatom.ejbca.webdist.webconfiguration.EjbcaWebBean" />
<jsp:useBean id="rabean" scope="session" class="se.anatom.ejbca.webdist.rainterface.RAInterfaceBean" />
<jsp:useBean id="tokenbean" scope="session" class="se.anatom.ejbca.webdist.hardtokeninterface.HardTokenInterfaceBean" />
<%! // Declarations

  static final String ACTION                   = "action";
  static final String ACTION_ADDUSER           = "adduser";
  static final String ACTION_CHANGEPROFILE     = "changeprofile";

  static final String BUTTON_ADDUSER          = "buttonadduser"; 
  static final String BUTTON_RESET            = "buttonreset"; 
  static final String BUTTON_RELOAD           = "buttonreload";

  static final String TEXTFIELD_USERNAME          = "textfieldusername";
  static final String TEXTFIELD_PASSWORD          = "textfieldpassword";
  static final String TEXTFIELD_CONFIRMPASSWORD   = "textfieldconfirmpassword";
  static final String TEXTFIELD_SUBJECTDN         = "textfieldsubjectdn";
  static final String TEXTFIELD_SUBJECTALTNAME    = "textfieldsubjectaltname";
  static final String TEXTFIELD_EMAIL             = "textfieldemail";
  static final String TEXTFIELD_EMAILDOMAIN       = "textfieldemaildomain";

  static final String SELECT_ENDENTITYPROFILE     = "selectendentityprofile";
  static final String SELECT_CERTIFICATEPROFILE   = "selectcertificateprofile";
  static final String SELECT_TOKEN                = "selecttoken";
  static final String SELECT_USERNAME             = "selectusername";
  static final String SELECT_PASSWORD             = "selectpassword";
  static final String SELECT_CONFIRMPASSWORD      = "selectconfirmpassword";
  static final String SELECT_SUBJECTDN            = "selectsubjectdn";
  static final String SELECT_SUBJECTALTNAME       = "selectsubjectaltname";
  static final String SELECT_EMAILDOMAIN          = "selectemaildomain";
  static final String SELECT_HARDTOKENISSUER      = "selecthardtokenissuer";
  static final String SELECT_CA                   = "selectca";

  static final String CHECKBOX_CLEARTEXTPASSWORD          = "checkboxcleartextpassword";
  static final String CHECKBOX_SUBJECTDN                 = "checkboxsubjectdn";
  static final String CHECKBOX_SUBJECTALTNAME            = "checkboxsubjectaltname";
  static final String CHECKBOX_ADMINISTRATOR              = "checkboxadministrator";
  static final String CHECKBOX_KEYRECOVERABLE             = "checkboxkeyrecoverable";
  static final String CHECKBOX_SENDNOTIFICATION           = "checkboxsendnotification";


  static final String CHECKBOX_REQUIRED_USERNAME          = "checkboxrequiredusername";
  static final String CHECKBOX_REQUIRED_PASSWORD          = "checkboxrequiredpassword";
  static final String CHECKBOX_REQUIRED_CLEARTEXTPASSWORD = "checkboxrequiredcleartextpassword";
  static final String CHECKBOX_REQUIRED_SUBJECTDN         = "checkboxrequiredsubjectdn";
  static final String CHECKBOX_REQUIRED_SUBJECTALTNAME    = "checkboxrequiredsubjectaltname";
  static final String CHECKBOX_REQUIRED_EMAIL             = "checkboxrequiredemail";
  static final String CHECKBOX_REQUIRED_ADMINISTRATOR     = "checkboxrequiredadministrator";
  static final String CHECKBOX_REQUIRED_KEYRECOVERABLE    = "checkboxrequiredkeyrecoverable";


  static final String CHECKBOX_VALUE             = "true";

  static final String USER_PARAMETER           = "username";
  static final String SUBJECTDN_PARAMETER      = "subjectdnparameter";



  static final String HIDDEN_USERNAME           = "hiddenusername";
  static final String HIDDEN_PROFILE            = "hiddenprofile";

%><%
  // Initialize environment.

  String[] subjectfieldtexts = {"","","", "OLDEMAILDN2", "UID", "COMMONNAME", "SERIALNUMBER1", 
                                "GIVENNAME2", "INITIALS", "SURNAME","TITLE","ORGANIZATIONUNIT","ORGANIZATION",
                                "LOCALE","STATE","DOMAINCOMPONENT","COUNTRY",
                                "RFC822NAME", "DNSNAME", "IPADDRESS", "OTHERNAME", "UNIFORMRESOURCEID", "X400ADDRESS", "DIRECTORYNAME",
                                "EDIPARTNAME", "REGISTEREDID","","","","","","","","","","","UPN","","", "UNSTRUCTUREDADDRESS", "UNSTRUCTUREDNAME","GUID"};

  GlobalConfiguration globalconfiguration = ejbcawebbean.initialize(request,"/ra_functionality/create_end_entity"); 
                                            rabean.initialize(request, ejbcawebbean);
                                            if(globalconfiguration.getIssueHardwareTokens())
                                              tokenbean.initialize(request, ejbcawebbean);

  final String VIEWUSER_LINK            = globalconfiguration.getBaseUrl() + globalconfiguration.getRaPath()  + "/viewendentity.jsp";
  final String EDITUSER_LINK            = globalconfiguration.getBaseUrl() + globalconfiguration.getRaPath()  + "/editendentity.jsp";

  String THIS_FILENAME             =  globalconfiguration.getRaPath()  + "/addendentity.jsp";
  EndEntityProfile  profile        = null;
  String[] profilenames            = null; 
  boolean noprofiles               = false; 
  int profileid = 0;


  profilenames                  = (String[]) ejbcawebbean.getInformationMemory().getCreateAuthorizedEndEntityProfileNames().keySet().toArray(new String[0]);


  if(profilenames== null || profilenames.length == 0) 
     noprofiles=true;
  else 
    profileid = rabean.getEndEntityProfileId(profilenames[0]);

  boolean chooselastprofile = false;
  if(ejbcawebbean.getLastEndEntityProfile() != 0 && rabean.getEndEntityProfileName(ejbcawebbean.getLastEndEntityProfile()) != null){
    for(int i=0 ; i< profilenames.length; i++){
       if(rabean.getEndEntityProfileName(ejbcawebbean.getLastEndEntityProfile()).equals(profilenames[i]))
         chooselastprofile=true;
    }
  }

  if(!noprofiles){
    if(!chooselastprofile)
      profileid = rabean.getEndEntityProfileId(profilenames[0]);
    else
      profileid = ejbcawebbean.getLastEndEntityProfile();
  } 

  boolean userexists               = false;
  boolean useradded                = false;
  boolean useoldprofile            = false;
  boolean usehardtokenissuers      = false;
  boolean usekeyrecovery           = false;
  boolean issuperadministrator     = false;
  try{
    issuperadministrator = ejbcawebbean.isAuthorizedNoLog("/super_administrator");
  }catch(se.anatom.ejbca.authorization.AuthorizationDeniedException ade){}   

 
  EndEntityProfile oldprofile      = null;
  String addedusername             = ""; 

  String lastselectedusername           = "";
  String lastselectedpassword           = "";
  String lastselectedemaildomain        = "";
  String lastselectedcertificateprofile = "";
  String lastselectedtoken              = "";
  String lastselectedca                  = "";
  int lastselectedhardtokenissuer       = 1;

  String[] lastselectedsubjectdns       =null;
  String[] lastselectedsubjectaltnames  =null;  
  int[] fielddata = null;

  HashMap caidtonamemap = ejbcawebbean.getInformationMemory().getCAIdToNameMap();

  if( request.getParameter(ACTION) != null){
    if(request.getParameter(ACTION).equals(ACTION_CHANGEPROFILE)){
      profileid = Integer.parseInt(request.getParameter(SELECT_ENDENTITYPROFILE)); 
      ejbcawebbean.setLastEndEntityProfile(profileid);
    }
    if( request.getParameter(ACTION).equals(ACTION_ADDUSER)){
      if( request.getParameter(BUTTON_ADDUSER) != null){
         UserView newuser = new UserView(caidtonamemap);
         int oldprofileid = UserAdminData.NO_ENDENTITYPROFILE;
 
         // Get previous chosen profile.
         String hiddenprofileid = request.getParameter(HIDDEN_PROFILE); 
         oldprofileid = Integer.parseInt(hiddenprofileid);       
         if(globalconfiguration.getEnableEndEntityProfileLimitations()){
           // Check that adminsitrator is authorized to given profileid
           boolean authorizedtoprofile = false;
           for(int i=0 ; i< profilenames.length; i++){
             if(oldprofileid == rabean.getEndEntityProfileId(profilenames[i]))
               authorizedtoprofile=true;
           }
           if(!authorizedtoprofile)
             throw new Exception("Error when trying to add user to non authorized profile");
         }
         

         oldprofile = rabean.getEndEntityProfile(oldprofileid);
         lastselectedsubjectdns       = new String[oldprofile.getSubjectDNFieldOrderLength()];
         lastselectedsubjectaltnames  = new String[oldprofile.getSubjectAltNameFieldOrderLength()];
         newuser.setEndEntityProfileId(oldprofileid);         

         String value = request.getParameter(TEXTFIELD_USERNAME);
         if(value !=null){
           value=value.trim(); 
           if(!value.equals("")){
             newuser.setUsername(value);
             oldprofile.setValue(EndEntityProfile.USERNAME,0,value);
             addedusername = value;
           }
         }

         value = request.getParameter(SELECT_USERNAME);
          if(value !=null){
           if(!value.equals("")){
             newuser.setUsername(value);
             lastselectedusername = value;
             addedusername = value;
           }
         } 

         value = request.getParameter(TEXTFIELD_PASSWORD);
         if(value !=null){
           value=value.trim(); 
           if(!value.equals("")){
             newuser.setPassword(value);
             oldprofile.setValue(EndEntityProfile.PASSWORD, 0, value);            
           }
         }

         value = request.getParameter(SELECT_PASSWORD);
          if(value !=null){
           if(!value.equals("")){
             newuser.setPassword(value);
             lastselectedpassword = value;
           }
         } 

         value = request.getParameter(CHECKBOX_CLEARTEXTPASSWORD);
         if(value !=null){
           if(value.equals(CHECKBOX_VALUE)){
             newuser.setClearTextPassword(true);
             oldprofile.setValue(EndEntityProfile.CLEARTEXTPASSWORD, 0, EndEntityProfile.TRUE);             
           }
           else{
               newuser.setClearTextPassword(false);
               oldprofile.setValue(EndEntityProfile.CLEARTEXTPASSWORD, 0, EndEntityProfile.FALSE);    
             }
           }

 
           value = request.getParameter(TEXTFIELD_EMAIL);
           if(value !=null){
             value=value.trim(); 
             if(!value.equals("")){
               String emaildomain = request.getParameter(TEXTFIELD_EMAILDOMAIN);
               if(emaildomain !=null){
                 emaildomain=emaildomain.trim(); 
                 if(!emaildomain.equals("")){
                   newuser.setEmail(value + "@" + emaildomain);
                   oldprofile.setValue(EndEntityProfile.EMAIL, 0,  emaildomain); 
                 }
               }

               emaildomain = request.getParameter(SELECT_EMAILDOMAIN);
               if(emaildomain !=null){
                 if(!emaildomain.equals("")){
                   newuser.setEmail(value + "@" + emaildomain);
                   lastselectedemaildomain = emaildomain;
                 }
               }
             }
           }

           String subjectdn = "";
           int numberofsubjectdnfields = oldprofile.getSubjectDNFieldOrderLength();
           for(int i=0; i < numberofsubjectdnfields; i++){
             value=null;
             fielddata = oldprofile.getSubjectDNFieldsInOrder(i); 

             if(fielddata[EndEntityProfile.FIELDTYPE] != EndEntityProfile.OLDDNE)
               value = request.getParameter(TEXTFIELD_SUBJECTDN+i);
             else{
               if(request.getParameter(CHECKBOX_SUBJECTDN+i)!=null)
                 if(request.getParameter(CHECKBOX_SUBJECTDN+i).equals(CHECKBOX_VALUE))
                   value = newuser.getEmail();
             }
             if(value !=null){
               value= value.trim(); 
               if(!value.equals("")){
                 oldprofile.setValue(fielddata[EndEntityProfile.FIELDTYPE],fielddata[EndEntityProfile.NUMBER], value);