localhardtokensessionbean.java

一套JAVA的CA证书签发系统.

	   else
		 getLogSession().log(admin, admin.getCAId(), LogEntry.MODULE_HARDTOKEN, new java.util.Date(),null, null, LogEntry.EVENT_ERROR_HARDTOKENPROFILEDATA," Error renaming hard token profile  " + oldname +  " to " + newname + "." );

       if(!success)
	     throw new HardTokenProfileExistsException();
	   debug("<renameHardTokenProfile()");
	} // renameHardTokenProfile

	/**
	 * Retrives a Collection of id:s (Integer) to authorized profiles.
	 *
	 * @return Collection of id:s (Integer)
	 */
	public Collection getAuthorizedHardTokenProfileIds(Admin admin){
	  ArrayList returnval = new ArrayList();
	  Collection result = null;
      
	  HashSet authorizedcertprofiles = new HashSet(getCertificateStoreSession().getAuthorizedCertificateProfileIds(admin, SecConst.CERTTYPE_HARDTOKEN));	  	   	  
	  
	  try{
		result = this.hardtokenprofilehome.findAll();
		Iterator i = result.iterator();
		while(i.hasNext()){
		  HardTokenProfileDataLocal next = (HardTokenProfileDataLocal) i.next();
		  HardTokenProfile profile = next.getHardTokenProfile();
		  
		  if(profile instanceof EIDProfile){		  	
		  	if(authorizedcertprofiles.containsAll(((EIDProfile) profile).getAllCertificateProfileIds())){
		  	  returnval.add(next.getId());			  	   
		  	}		  	
		  }else{
		  	//Implement for other profile types
		  }
		}  		
	  }catch(FinderException e){}
	  
	  
	  
	  return returnval;
	} // getAuthorizedHardTokenProfileIds    

	/**
	 * Method creating a hashmap mapping profile id (Integer) to profile name (String).
	 */    
	public HashMap getHardTokenProfileIdToNameMap(Admin admin){
	  HashMap returnval = new HashMap();
	  Collection result = null;

	  try{
		result = hardtokenprofilehome.findAll();
		Iterator i = result.iterator();
		while(i.hasNext()){
		  HardTokenProfileDataLocal next = (HardTokenProfileDataLocal) i.next();    
		  returnval.put(next.getId(),next.getName());
		}
	  }catch(FinderException e){}
	  return returnval;
	} // getHardTokenProfileIdToNameMap


	/**
	 * Retrives a named hard token profile.
	 */
	public HardTokenProfile getHardTokenProfile(Admin admin, String name){
	  HardTokenProfile returnval=null;
              
	   try{
		 returnval = (hardtokenprofilehome.findByName(name)).getHardTokenProfile();
	   } catch(FinderException e){
		   // return null if we cant find it
	   }
	   return returnval;
	} //  getCertificateProfile

	 /**
      * Finds a hard token profile by id.
	  *
	  *
	  */
	public HardTokenProfile getHardTokenProfile(Admin admin, int id){
	   HardTokenProfile returnval=null;
       
  	   try{
		   returnval = (hardtokenprofilehome.findByPrimaryKey(new Integer(id))).getHardTokenProfile();
	   } catch(FinderException e){
			 // return null if we cant find it
	   }	     
	   return returnval;
	} // getHardTokenProfile

	/**
	 * Help method used by hard token profile proxys to indicate if it is time to
	 * update it's profile data.
	 *	 
	 */
	
	public int getHardTokenProfileUpdateCount(Admin admin, int hardtokenprofileid){
	  int returnval = 0;
	  
	  try{
	  	returnval = (hardtokenprofilehome.findByPrimaryKey(new Integer(hardtokenprofileid))).getUpdateCounter();  	  	
	  }catch(FinderException e){}		
	  
	  return returnval;
	}


	 /**
	 * Returns a hard token profile id, given it's hard token profile name
	 *	 
	 *
	 * @return the id or 0 if hardtokenprofile cannot be found.
	 */
	public int getHardTokenProfileId(Admin admin, String name){
	  int returnval = 0;
            
	  try{
		Integer id = (hardtokenprofilehome.findByName(name)).getId();
		returnval = id.intValue();
	  }catch(FinderException e){}
           
	  return returnval;
	} // getHardTokenProfileId

     /**
      * Returns a hard token profile name given its id.
 	  *
	  * @return the name or null if id noesnt exists
	  * @throws EJBException if a communication or other error occurs.
	  */
	public String getHardTokenProfileName(Admin admin, int id){
	  debug(">getHardTokenProfileName(id: " + id + ")");
	  String returnval = null;
	  HardTokenProfileDataLocal htp = null;
	  try{
		htp = hardtokenprofilehome.findByPrimaryKey(new Integer(id));
		if(htp != null){
		  returnval = htp.getName();
		}
	  }catch(FinderException e){}

	  debug("<getHardTokenProfileName()");
	  return returnval;
	} // getHardTokenProfileName


    /**
     * Adds a hard token issuer to the database.
     *
     * @return false if hard token issuer already exists.
     * @throws EJBException if a communication or other error occurs.
     */

    public boolean addHardTokenIssuer(Admin admin, String alias, int admingroupid, HardTokenIssuer issuerdata){
       debug(">addHardTokenIssuer(alias: " + alias + ")");
       boolean returnval=false;       
       try{
          hardtokenissuerhome.findByAlias(alias);
       }catch(FinderException e){
         try{
           hardtokenissuerhome.create(findFreeHardTokenIssuerId(), alias, admingroupid, issuerdata);
           returnval = true;
         }catch(CreateException g){}
       }
     
       if(returnval)
         getLogSession().log(admin, admin.getCAId(), LogEntry.MODULE_HARDTOKEN, new java.util.Date(),null, null, LogEntry.EVENT_INFO_HARDTOKENISSUERDATA,"Hard token issuer " + alias + " added.");
       else
         getLogSession().log(admin, admin.getCAId(), LogEntry.MODULE_HARDTOKEN,  new java.util.Date(),null, null, LogEntry.EVENT_ERROR_HARDTOKENISSUERDATA,"Error adding hard token issuer "+ alias);
       
       debug("<addHardTokenIssuer()");
       return returnval;
    } // addHardTokenIssuer

    /**
     * Updates hard token issuer data
     *
     * @return false if  alias doesn't exists
     * @throws EJBException if a communication or other error occurs.
     */

    public boolean changeHardTokenIssuer(Admin admin, String alias, HardTokenIssuer issuerdata){
       debug(">changeHardTokenIssuer(alias: " + alias + ")");
       boolean returnvalue = false;
       int caid = ILogSessionLocal.INTERNALCAID;
       try{
         HardTokenIssuerDataLocal htih = hardtokenissuerhome.findByAlias(alias);
         htih.setHardTokenIssuer(issuerdata);         
         returnvalue = true;
       }catch(FinderException e){}
      
       if(returnvalue)
         getLogSession().log(admin, admin.getCAId(), LogEntry.MODULE_HARDTOKEN, new java.util.Date(),null, null, LogEntry.EVENT_INFO_HARDTOKENISSUERDATA,"Hard token issuer " +  alias + " edited.");
       else
         getLogSession().log(admin, admin.getCAId(), LogEntry.MODULE_HARDTOKEN, new java.util.Date(),null, null, LogEntry.EVENT_ERROR_HARDTOKENISSUERDATA,"Error editing hard token issuer " + alias + ".");

       debug("<changeHardTokenIssuer()");
       return returnvalue;
    } // changeHardTokenIssuer

     /**
     * Adds a hard token issuer with the same content as the original issuer,
     *
     * @return false if the new alias or certificatesn already exists.
     * @throws EJBException if a communication or other error occurs.
     */
    public boolean cloneHardTokenIssuer(Admin admin, String oldalias, String newalias, int admingroupid){
       debug(">cloneHardTokenIssuer(alias: " + oldalias + ")");
       HardTokenIssuer issuerdata = null;
       boolean returnval = false;	   
       try{
         HardTokenIssuerDataLocal htih = hardtokenissuerhome.findByAlias(oldalias);
         issuerdata = (HardTokenIssuer) htih.getHardTokenIssuer().clone();

         returnval = addHardTokenIssuer(admin, newalias, admingroupid, issuerdata);
         if(returnval)
           getLogSession().log(admin, admin.getCAId(), LogEntry.MODULE_HARDTOKEN, new java.util.Date(),null, null, LogEntry.EVENT_INFO_HARDTOKENISSUERDATA,"New hard token issuer " + newalias +  ", used issuer " + oldalias + " as template.");
         else
           getLogSession().log(admin, admin.getCAId(), LogEntry.MODULE_HARDTOKEN,  new java.util.Date(),null, null, LogEntry.EVENT_ERROR_HARDTOKENISSUERDATA,"Error adding hard token issuer " + newalias +  " using issuer " + oldalias + " as template.");
       }catch(Exception e){
          throw new EJBException(e);
       }

       debug("<cloneHardTokenIssuer()");
       return returnval;
    } // cloneHardTokenIssuer

     /**
     * Removes a hard token issuer from the database.
     *
     * @throws EJBException if a communication or other error occurs.
     */
    public void removeHardTokenIssuer(Admin admin, String alias){
      debug(">removeHardTokenIssuer(alias: " + alias + ")");     
      try{
        HardTokenIssuerDataLocal htih = hardtokenissuerhome.findByAlias(alias);        
        htih.remove();
        getLogSession().log(admin, admin.getCAId(), LogEntry.MODULE_HARDTOKEN, new java.util.Date(),null, null, LogEntry.EVENT_INFO_HARDTOKENISSUERDATA,"Hard token issuer " + alias + " removed.");
      }catch(Exception e){
         getLogSession().log(admin, admin.getCAId(), LogEntry.MODULE_HARDTOKEN, new java.util.Date(),null, null, LogEntry.EVENT_ERROR_HARDTOKENISSUERDATA,"Error removing hard token issuer " + alias + ".",e);
      }
      debug("<removeHardTokenIssuer()");
    } // removeHardTokenIssuer

     /**
     * Renames a hard token issuer
     *
     * @return false if new alias or certificatesn already exists
     * @throws EJBException if a communication or other error occurs.
     */
    public boolean renameHardTokenIssuer(Admin admin, String oldalias, String newalias,
                                         int newadmingroupid){
       debug(">renameHardTokenIssuer(from " + oldalias + " to " + newalias + ")");
       boolean returnvalue = false;	   	  
       try{
          hardtokenissuerhome.findByAlias(newalias);
       }catch(FinderException e){
           try{
             HardTokenIssuerDataLocal htih = hardtokenissuerhome.findByAlias(oldalias);
             htih.setAlias(newalias);
             htih.setAdminGroupId(newadmingroupid);    
             returnvalue = true;
           }catch(FinderException g){}         
       }
       
       if(returnvalue)
         getLogSession().log(admin, admin.getCAId(), LogEntry.MODULE_HARDTOKEN, new java.util.Date(),null, null, LogEntry.EVENT_INFO_HARDTOKENISSUERDATA,"Hard token issuer " + oldalias + " renamed to " + newalias +  "." );
       else
         getLogSession().log(admin, admin.getCAId(), LogEntry.MODULE_HARDTOKEN, new java.util.Date(),null, null, LogEntry.EVENT_ERROR_HARDTOKENISSUERDATA," Error renaming hard token issuer  " + oldalias +  " to " + newalias + "." );

       debug("<renameHardTokenIssuer()");
       return returnvalue;
    } // renameHardTokenIssuer
    
    /**
     * Method to check if an administrator is authorized to issue hard tokens for
     * the given alias.
     * 
     * @param admin administrator to check
     * @param alias alias of hardtoken issuer. 
     * @return true if administrator is authorized to issue hardtoken with given alias.
     */
    public boolean getAuthorizedToHardTokenIssuer(Admin admin, String alias){
      debug(">getAuthorizedToHardTokenIssuer(" +  alias + ")");
      boolean returnval = false;      
        try{
        	
      	  int admingroupid = hardtokenissuerhome.findByAlias(alias).getAdminGroupId();      	        	  
		  returnval = getAuthorizationSession(admin).isAuthorizedNoLog(admin, "/hardtoken_functionality/issue_hardtokens");		  
      	  returnval = returnval && authorizationsession.existsAdministratorInGroup(admin, admingroupid);      	  
        }catch(FinderException fe){}
          catch(AuthorizationDeniedException ade){}
          debug("<getAuthorizedToHardTokenIssuer(" +  returnval + ")");
      return returnval;	
    }

      /**
       * Returns the available hard token issuers authorized to the administrator.
       *
       * @return A collection of available HardTokenIssuerData.
       * @throws EJBException if a communication or other error occurs.
       */
    public Collection getHardTokenIssuerDatas(Admin admin){
      debug(">getHardTokenIssuerDatas()");
      ArrayList returnval = new ArrayList();
      Collection result = null;
      HardTokenIssuerDataLocal htih = null;
      Collection authorizedhardtokenprofiles = this.getAuthorizedHardTokenProfileIds(admin);      
      try{
        result = hardtokenissuerhome.findAll();
        if(result.size()>0){
          Iterator i = result.iterator();
          while(i.hasNext()){
            htih = (HardTokenIssuerDataLocal) i.next();
            if(authorizedhardtokenprofiles.containsAll(htih.getHardTokenIssuer().getAvailableHardTokenProfiles()))
              returnval.add(new HardTokenIssuerData(htih.getId().intValue(), htih.getAlias(), htih.getAdminGroupId(), htih.getHardTokenIssuer()));
          }
        }
        Collections.sort(returnval);
      }catch(FinderException e){}

      debug("<getHardTokenIssuerDatas()");
      return returnval;
    } // getHardTokenIssuers

      /**
       * Returns the available hard token issuer alliases authorized to the administrator.
       *
       * @return A collection of available hard token issuer aliases.
       * @throws EJBException if a communication or other error occurs.
       */
    public Collection getHardTokenIssuerAliases(Admin admin){