localuseradminsessionbean.java

一套JAVA的CA证书签发系统.

        
        if(caauthorizationstring == null || endentityprofilestring == null){
          raauthorization = new RAAuthorization(admin, raadminsession, authorizationsession);
          caauthstring = raauthorization.getCAAuthorizationString();
          if(globalconfiguration.getEnableEndEntityProfileLimitations())
            endentityauth = raauthorization.getEndEntityProfileAuthorizationString();
          else
            endentityauth = "";  
        }
        
        if(!caauthstring.trim().equals("") && query != null)
          sqlquery = sqlquery + " AND " + caauthstring; 
        else
          sqlquery = sqlquery + caauthstring;             
        
          
        if(globalconfiguration.getEnableEndEntityProfileLimitations()){
          if(caauthstring.trim().equals("") && query == null)
            sqlquery = sqlquery + endentityauth; 
          else
            sqlquery = sqlquery + " AND " + endentityauth;
            
          if(endentityauth == null || endentityauth.trim().equals("")){
            authorizedtoanyprofile = false;	               
          }
        }
                       
          try{
		    if(authorizedtoanyprofile){
              // Construct SQL query.
              con = getConnection();
            
              ps = con.prepareStatement(sqlquery);
            
              // Execute query.
              rs = ps.executeQuery();
              
             // Assemble result.
             while(rs.next() && returnval.size() <= IUserAdminSessionRemote.MAXIMUM_QUERY_ROWCOUNT){
                UserAdminData data = new UserAdminData(rs.getString(1), rs.getString(2), rs.getInt(14), rs.getString(3), rs.getString(4), rs.getInt(5), rs.getInt(6)
                                               , rs.getInt(10), rs.getInt(11)
                                               , new java.util.Date(rs.getLong(8)), new java.util.Date(rs.getLong(9))
                                               ,  rs.getInt(12), rs.getInt(13));
               data.setPassword(rs.getString(7));

               if(!onlybatchusers ||  (data.getPassword() != null && data.getPassword().length() > 0))
                 returnval.add(data);
             }
		    } 
           debug("<query()");
           return returnval;

         }catch(Exception e){
           throw new EJBException(e);
         }finally{
           try{
             if(rs != null) rs.close();
             if(ps != null) ps.close();
             if(con!= null) con.close();
           }catch(SQLException se){
               error("Fel vid upprensning: ", se);
           }
         }
        
    } // query

    /**
     * Methods that checks if a user exists in the database having the given endentityprofileid. This function is mainly for avoiding
     * desyncronisation when a end entity profile is deleted.
     *
     * @param endentityprofileid the id of end entity profile to look for.
     * @return true if endentityprofileid exists in userdatabase.
     */
    public boolean checkForEndEntityProfileId(Admin admin, int endentityprofileid){
        debug(">checkForEndEntityProfileId()");
        Connection con = null;
        PreparedStatement ps = null;
        ResultSet rs = null;
        int count = 1; // return true as default.

        Query query = new Query(Query.TYPE_USERQUERY);
        query.add(UserMatch.MATCH_WITH_ENDENTITYPROFILE, BasicMatch.MATCH_TYPE_EQUALS, Integer.toString(endentityprofileid));

        try{
           // Construct SQL query.
            con = getConnection();
            ps = con.prepareStatement("select COUNT(*) from UserData where " + query.getQueryString());
            // Execute query.
            rs = ps.executeQuery();
            // Assemble result.
            if(rs.next()){
              count = rs.getInt(1);
            }
            debug("<checkForEndEntityProfileId()");
            return count > 0;

        }catch(Exception e){
          throw new EJBException(e);
        }finally{
           try{
             if(rs != null) rs.close();
             if(ps != null) ps.close();
             if(con!= null) con.close();
           }catch(SQLException se){
               error("Fel vid upprensning: ", se);
           }
        }


    }

    /**
     * Methods that checks if a user exists in the database having the given certificateprofileid. This function is mainly for avoiding
     * desyncronisation when a certificateprofile is deleted.
     *
     * @param certificateprofileid the id of certificateprofile to look for.
     * @return true if certificateproileid exists in userdatabase.
     */
    public boolean checkForCertificateProfileId(Admin admin, int certificateprofileid){
        debug(">checkForCertificateProfileId()");
        Connection con = null;
        PreparedStatement ps = null;
        ResultSet rs = null;
        int count = 1; // return true as default.

        Query query = new Query(Query.TYPE_USERQUERY);
        query.add(UserMatch.MATCH_WITH_CERTIFICATEPROFILE, BasicMatch.MATCH_TYPE_EQUALS, Integer.toString(certificateprofileid));

        try{
           // Construct SQL query.
            con = getConnection();
            ps = con.prepareStatement("select COUNT(*) from UserData where " + query.getQueryString());
            // Execute query.
            rs = ps.executeQuery();
            // Assemble result.
            if(rs.next()){
              count = rs.getInt(1);
            }
            debug("<checkForCertificateProfileId()");
            return count > 0;

        }catch(Exception e){
          throw new EJBException(e);
        }finally{
           try{
             if(rs != null) rs.close();
             if(ps != null) ps.close();
             if(con!= null) con.close();
           }catch(SQLException se){
               error("Fel vid upprensning: ", se);
           }
        }
    } // checkForCertificateProfileId

    /**
     * Methods that checks if a user exists in the database having the given caid. This function is mainly for avoiding
     * desyncronisation when a CAs is deleted.
     *
     * @param caid the id of CA to look for.
     * @return true if caid exists in userdatabase.
     */
    public boolean checkForCAId(Admin admin, int caid){
        debug(">checkForCAId()");
        Connection con = null;
        PreparedStatement ps = null;
        ResultSet rs = null;
        int count = 1; // return true as default.

        Query query = new Query(Query.TYPE_USERQUERY);
        query.add(UserMatch.MATCH_WITH_CA, BasicMatch.MATCH_TYPE_EQUALS, Integer.toString(caid));

        try{
           // Construct SQL query.
            con = getConnection();
            ps = con.prepareStatement("select COUNT(*) from UserData where " + query.getQueryString());
            // Execute query.
            rs = ps.executeQuery();
            // Assemble result.
            if(rs.next()){
              count = rs.getInt(1);
            }
            debug("<checkForCAId()");
            return count > 0;

        }catch(Exception e){
          throw new EJBException(e);
        }finally{
           try{
             if(rs != null) rs.close();
             if(ps != null) ps.close();
             if(con!= null) con.close();
           }catch(SQLException se){
               error("Fel vid upprensning: ", se);
           }
        }
    } // checkForCAId


	/**
	 * Methods that checks if a user exists in the database having the given hard token profile id. This function is mainly for avoiding
	 * desyncronisation when a hard token profile is deleted.
	 *
	 * @param profileid of hardtokenprofile to look for.
	 * @return true if proileid exists in userdatabase.
	 */
	public boolean checkForHardTokenProfileId(Admin admin, int profileid){
		debug(">checkForHardTokenProfileId()");
		Connection con = null;
		PreparedStatement ps = null;
		ResultSet rs = null;
		int count = 1; // return true as default.

		Query query = new Query(Query.TYPE_USERQUERY);
		query.add(UserMatch.MATCH_WITH_TOKEN, BasicMatch.MATCH_TYPE_EQUALS, Integer.toString(profileid));

		try{
		   // Construct SQL query.
			con = getConnection();
			ps = con.prepareStatement("select COUNT(*) from UserData where " + query.getQueryString());
			// Execute query.
			rs = ps.executeQuery();
			// Assemble result.
			if(rs.next()){
			  count = rs.getInt(1);
			}
			debug("<checkForHardTokenProfileId()");
			return count > 0;

		}catch(Exception e){
		  throw new EJBException(e);
		}finally{
		   try{
			 if(rs != null) rs.close();
			 if(ps != null) ps.close();
			 if(con!= null) con.close();
		   }catch(SQLException se){
			   error("Error on cleanup: ", se);
		   }
		}
	} // checkForHardTokenProfileId


   private int makeType(boolean administrator, boolean keyrecoverable, boolean sendnotification){
     int returnval = SecConst.USER_ENDUSER;
     if(administrator)
       returnval += SecConst.USER_ADMINISTRATOR;
     if(keyrecoverable)
       returnval += SecConst.USER_KEYRECOVERABLE;
     if(sendnotification)
       returnval += SecConst.USER_SENDNOTIFICATION;

     return returnval;
   } // makeType

   private void sendNotification(Admin admin, NotificationCreator notificationcreator, String username, String password, String dn, String subjectaltname, String email, int caid){
     try {
       if(email== null)
         throw new Exception("Notification cannot be sent to user where email field is null");
       javax.mail.Session mailSession = (javax.mail.Session) new InitialContext().lookup( "java:comp/env/mail/DefaultMail" );
       javax.mail.Message msg = new MimeMessage( mailSession );
       msg.setFrom( new InternetAddress( notificationcreator.getSender()) );
       msg.setRecipients( javax.mail.Message.RecipientType.TO, InternetAddress.parse( email, false ) );
       msg.setSubject( notificationcreator.getSubject() );
       msg.setContent( notificationcreator.getMessage(username, password, dn, subjectaltname, email), "text/plain" );
       msg.setHeader( "X-Mailer", "JavaMailer" );
       msg.setSentDate( new java.util.Date() );
       Transport.send( msg );
       logsession.log(admin, caid, LogEntry.MODULE_RA, new java.util.Date(),username, null, LogEntry.EVENT_INFO_NOTIFICATION,"Notification to " + email + " sent successfully.");
     }
     catch ( Exception e )
     {
       try{
         logsession.log(admin, caid, LogEntry.MODULE_RA, new java.util.Date(),username, null, LogEntry.EVENT_ERROR_NOTIFICATION, "Error when sending notification to " + email );
       }catch(Exception f){
          throw new EJBException(f);
       }
     }
   } // sendNotification
   
   /**
    *  Method checking if username already exists in database.
    * 
    *  @return true if username already exists.
    */
   public boolean existsUser(Admin admin, String username){
      boolean returnval = true;
      
      try{
		home.findByPrimaryKey(new UserDataPK(username));	
      }catch(FinderException fe){
      	  returnval = false;
      }
   	
      return returnval;
   }

} // LocalUserAdminSessionBean