addendentity.jsp

一套JAVA的CA证书签发系统.

                 value = org.ietf.ldap.LDAPDN.escapeRDN(DNFieldExtractor.SUBJECTDNFIELDS[oldprofile.profileFieldIdToUserFieldIdMapper(fielddata[EndEntityProfile.FIELDTYPE])] +value);  
                 if(subjectdn.equals(""))
                   subjectdn = value;
                 else
                   subjectdn += ", " + value;
                   
               }
             }
             value = request.getParameter(SELECT_SUBJECTDN+i);
             if(value !=null){
               if(!value.equals("")){
                 lastselectedsubjectdns[i] = value;
                 value = org.ietf.ldap.LDAPDN.escapeRDN(DNFieldExtractor.SUBJECTDNFIELDS[oldprofile.profileFieldIdToUserFieldIdMapper(fielddata[EndEntityProfile.FIELDTYPE])] +value);
                 if(subjectdn.equals(""))
                   subjectdn = value;
                 else
                   subjectdn += ", " + value;
                 
               }
             }
           }      

           newuser.setSubjectDN(subjectdn);

           String subjectaltname = "";
           int numberofsubjectaltnamefields = oldprofile.getSubjectAltNameFieldOrderLength();
           for(int i=0; i < numberofsubjectaltnamefields; i++){
             fielddata = oldprofile.getSubjectAltNameFieldsInOrder(i); 

             if(fielddata[EndEntityProfile.FIELDTYPE] != EndEntityProfile.RFC822NAME)
               value = request.getParameter(TEXTFIELD_SUBJECTALTNAME+i);
             else{
               value=null;
               if(request.getParameter(CHECKBOX_SUBJECTALTNAME+i)!=null)
                 if(request.getParameter(CHECKBOX_SUBJECTALTNAME+i).equals(CHECKBOX_VALUE))
                   value = newuser.getEmail();
             }
             if(value !=null){
               value=value.trim(); 
               if(!value.equals("")){
                 oldprofile.setValue(fielddata[EndEntityProfile.FIELDTYPE],fielddata[EndEntityProfile.NUMBER], value);   
                 value = org.ietf.ldap.LDAPDN.escapeRDN(DNFieldExtractor.SUBJECTALTNAME[oldprofile.profileFieldIdToUserFieldIdMapper(fielddata[EndEntityProfile.FIELDTYPE]) - DNFieldExtractor.SUBJECTALTERNATIVENAMEBOUNDRARY] +value);
                 if(subjectaltname.equals(""))
                   subjectaltname = value;
                 else
                   subjectaltname += ", " +value;

               }
             }
             value = request.getParameter(SELECT_SUBJECTALTNAME+i);
             if(value !=null){
               if(!value.equals("")){
                 lastselectedsubjectaltnames[i] = value;
                 value = org.ietf.ldap.LDAPDN.escapeRDN(DNFieldExtractor.SUBJECTALTNAME[oldprofile.profileFieldIdToUserFieldIdMapper(fielddata[EndEntityProfile.FIELDTYPE]) - DNFieldExtractor.SUBJECTALTERNATIVENAMEBOUNDRARY] +value);
                 if(subjectaltname.equals(""))
                   subjectaltname = value;
                 else
                   subjectaltname += ", " + value;
                 
              }
             }
           }
           newuser.setSubjectAltName(subjectaltname);
 
           value = request.getParameter(CHECKBOX_ADMINISTRATOR);
           if(value !=null){
             if(value.equals(CHECKBOX_VALUE)){
               newuser.setAdministrator(true);   
               oldprofile.setValue(EndEntityProfile.ADMINISTRATOR, 0, EndEntityProfile.TRUE);  
             }
             else{
               newuser.setAdministrator(false);  
               oldprofile.setValue(EndEntityProfile.ADMINISTRATOR, 0, EndEntityProfile.FALSE); 
             }
           }
           value = request.getParameter(CHECKBOX_KEYRECOVERABLE);
           if(value !=null){
             if(value.equals(CHECKBOX_VALUE)){
               newuser.setKeyRecoverable(true);   
               oldprofile.setValue(EndEntityProfile.KEYRECOVERABLE, 0, EndEntityProfile.TRUE);                          
             }
             else{
               newuser.setKeyRecoverable(false);   
               oldprofile.setValue(EndEntityProfile.KEYRECOVERABLE, 0, EndEntityProfile.FALSE);               
             }
           }  
           value = request.getParameter(CHECKBOX_SENDNOTIFICATION);
           if(value !=null){
             if(value.equals(CHECKBOX_VALUE)){
               newuser.setSendNotification(true);   
               oldprofile.setValue(EndEntityProfile.SENDNOTIFICATION, 0, EndEntityProfile.TRUE);                          
             }
             else{
               newuser.setSendNotification(false);   
               oldprofile.setValue(EndEntityProfile.SENDNOTIFICATION, 0, EndEntityProfile.FALSE);               
             }
           }  

           value = request.getParameter(SELECT_CERTIFICATEPROFILE);
           newuser.setCertificateProfileId(Integer.parseInt(value));   
           oldprofile.setValue(EndEntityProfile.DEFAULTCERTPROFILE, 0, value);         
           lastselectedcertificateprofile = value;

           value = request.getParameter(SELECT_CA);
           newuser.setCAId(Integer.parseInt(value));   
           oldprofile.setValue(EndEntityProfile.DEFAULTCA, 0, value);         
           lastselectedca = value;

           value = request.getParameter(SELECT_TOKEN);
           int tokentype = Integer.parseInt(value); 
           newuser.setTokenType(tokentype);   
           oldprofile.setValue(EndEntityProfile.DEFKEYSTORE, 0, value);         
           lastselectedtoken = value;

           int hardtokenissuer = SecConst.NO_HARDTOKENISSUER;
           if(tokentype > SecConst.TOKEN_SOFT){
             value = request.getParameter(SELECT_HARDTOKENISSUER);
             hardtokenissuer = Integer.parseInt(value);  
             oldprofile.setValue(EndEntityProfile.DEFAULTTOKENISSUER, 0, value);  
           }
           lastselectedhardtokenissuer = hardtokenissuer;
           newuser.setHardTokenIssuerId(lastselectedhardtokenissuer);   
       

           // See if user already exists
           if(rabean.userExist(newuser.getUsername())){
             userexists = true;
             useoldprofile = true;   
           } else{
             if( request.getParameter(BUTTON_RELOAD) != null ){
              useoldprofile = true;   
             }else{
               rabean.addUser(newuser); 
               useradded=true;
             }
           }
         }
      }
    }

    int numberofrows = ejbcawebbean.getEntriesPerPage();
    UserView[] addedusers = rabean.getAddedUsers(numberofrows);
    int row = 0;
    int tabindex = 0;
  
    if(!noprofiles){
      if(!useoldprofile)
        profile = rabean.getEndEntityProfile(profileid);
      else
        profile = oldprofile;
    }else
        profile = new EndEntityProfile();



     String[] tokentexts = RAInterfaceBean.tokentexts;
     int[] tokenids = RAInterfaceBean.tokenids;

     if(globalconfiguration.getIssueHardwareTokens()){
        TreeMap hardtokenprofiles = ejbcawebbean.getInformationMemory().getHardTokenProfiles();

        tokentexts = new String[RAInterfaceBean.tokentexts.length + hardtokenprofiles.keySet().size()];
        tokenids   = new int[tokentexts.length];
        for(int i=0; i < RAInterfaceBean.tokentexts.length; i++){
          tokentexts[i]= RAInterfaceBean.tokentexts[i];
          tokenids[i] = RAInterfaceBean.tokenids[i];
        }

        Iterator iter = hardtokenprofiles.keySet().iterator();
        int index=0;
        while(iter.hasNext()){       
          String name = (String) iter.next();
          tokentexts[index+RAInterfaceBean.tokentexts.length]= name;
          tokenids[index+RAInterfaceBean.tokentexts.length] = ((Integer) hardtokenprofiles.get(name)).intValue();
          index++;
        }
     }

      String[] availabletokens = profile.getValue(EndEntityProfile.AVAILKEYSTORE, 0).split(EndEntityProfile.SPLITCHAR);
      String[] availablehardtokenissuers = profile.getValue(EndEntityProfile.AVAILTOKENISSUER, 0).split(EndEntityProfile.SPLITCHAR);
      if(lastselectedhardtokenissuer==-1){
        String value = profile.getValue(EndEntityProfile.DEFAULTTOKENISSUER,0);
        if(value != null && !value.equals(""))
          lastselectedhardtokenissuer = Integer.parseInt(value);
      }
      ArrayList[] tokenissuers = null;

      usekeyrecovery = globalconfiguration.getEnableKeyRecovery() && profile.getUse(EndEntityProfile.KEYRECOVERABLE,0);
      usehardtokenissuers = globalconfiguration.getIssueHardwareTokens() && profile.getUse(EndEntityProfile.AVAILTOKENISSUER,0);
      if(usehardtokenissuers){       
        tokenissuers = new ArrayList[availabletokens.length];
        for(int i=0;i < availabletokens.length;i++){
          if(Integer.parseInt(availabletokens[i]) > SecConst.TOKEN_SOFT){
            tokenissuers[i] = new ArrayList();
            for(int j=0; j < availablehardtokenissuers.length; j++){
              HardTokenIssuerData issuerdata = tokenbean.getHardTokenIssuerData(Integer.parseInt(availablehardtokenissuers[j]));
              if(issuerdata !=null){
                Iterator iter = issuerdata.getHardTokenIssuer().getAvailableHardTokenProfiles().iterator();
                while(iter.hasNext()){
                  if(Integer.parseInt(availabletokens[i]) == ((Integer) iter.next()).intValue())
                    tokenissuers[i].add(new Integer(availablehardtokenissuers[j]));
                }
              }
            }
          }  
        } 
      }

      HashMap availablecas = null;
      Collection authcas = null;

      if(issuperadministrator)
        if(profileid == SecConst.EMPTY_ENDENTITYPROFILE)
          authcas = ejbcawebbean.getAuthorizedCAIds();
        else
          authcas = profile.getAvailableCAs();
      else
        availablecas = ejbcawebbean.getInformationMemory().getEndEntityAvailableCAs(profileid);
  
%>
<head>
  <title><%= globalconfiguration.getEjbcaTitle() %></title>
  <base href="<%= ejbcawebbean.getBaseUrl() %>">
  <link rel=STYLESHEET href="<%= ejbcawebbean.getCssFile() %>">
  <script language=javascript>

  <% if(!noprofiles){ %>
   <!--
      var TRUE  = "<%= EndEntityProfile.TRUE %>";
      var FALSE = "<%= EndEntityProfile.FALSE %>";


   <% if(usehardtokenissuers){ %>

       var TOKENID         = 0;
       var NUMBEROFISSUERS = 1;
       var ISSUERIDS       = 2;
       var ISSUERNAMES     = 3;

       var tokenissuers = new Array(<%=availabletokens.length%>);
       <% for(int i=0; i < availabletokens.length; i++){
            int numberofissuers = 0;
            if (Integer.parseInt(availabletokens[i]) > SecConst.TOKEN_SOFT) numberofissuers=tokenissuers[i].size();           
           %>
         tokenissuers[<%=i%>] = new Array(4);
         tokenissuers[<%=i%>][TOKENID] = <%= availabletokens[i] %>;
         tokenissuers[<%=i%>][NUMBEROFISSUERS] = <%= numberofissuers %>;
         tokenissuers[<%=i%>][ISSUERIDS] = new Array(<%= numberofissuers %>);
         tokenissuers[<%=i%>][ISSUERNAMES] = new Array(<%= numberofissuers %>);    
         <%  for(int j=0; j < numberofissuers; j++){ %>
         tokenissuers[<%=i%>][ISSUERIDS][<%=j%>]= <%= ((Integer) tokenissuers[i].get(j)).intValue() %>;
         tokenissuers[<%=i%>][ISSUERNAMES][<%=j%>]= "<%= tokenbean.getHardTokenIssuerAlias(((Integer) tokenissuers[i].get(j)).intValue())%>";
         <%  }
           } %>
       
function setAvailableHardTokenIssuers(){
    var seltoken = document.adduser.<%=SELECT_TOKEN%>.options.selectedIndex;
    issuers   =  document.adduser.<%=SELECT_HARDTOKENISSUER%>;

    numofissuers = issuers.length;
    for( i=numofissuers-1; i >= 0; i-- ){