informationmemory.java

一套JAVA的CA证书签发系统.

    public TreeMap getAuthorizedPublisherNames(){
    	if(publishernames==null){
    		publishernames = new TreeMap();  
    		Iterator iter = publishersession.getAuthorizedPublisherIds(administrator).iterator();      
    		HashMap idtonamemap = getPublisherIdToNameMap();
    		while(iter.hasNext()){
    			Integer id = (Integer) iter.next();
    			publishernames.put(idtonamemap.get(id),id);
    		}
    	}
    	return publishernames;
    }
        
    /**
     * Method that calculates the available cas to an end entity. Used in add/edit end entity pages.
     * It calculates a set of available CAs as an intersection of:
     * - The administrators authorized CAs
     * - The end entity profiles available CAs
     * - The certificate profiles available CAs.
     *
     * @param The id of end entity profile to retrieve set form.
     * @returns a HashMap of CertificateProfileId to Collection. It returns a set of avialable CAs per certificate profile.
     */
    
    public HashMap getEndEntityAvailableCAs(int endentityprofileid){
      if(endentityavailablecas == null){
        // Build new structure.  
        Collection authorizedcas = getAuthorizedCAIds();  
          
        HashMap certproftemp = new HashMap();
          
        endentityavailablecas = new HashMap();
        Iterator endentityprofileiter = raadminsession.getAuthorizedEndEntityProfileIds(administrator).iterator();
        while(endentityprofileiter.hasNext()){
           Integer nextendentityprofileid = (Integer) endentityprofileiter.next();
           EndEntityProfile endentityprofile = raadminsession.getEndEntityProfile(administrator,nextendentityprofileid.intValue());
           String[] values   = endentityprofile.getValue(EndEntityProfile.AVAILCAS,0).split(EndEntityProfile.SPLITCHAR); 
           ArrayList endentityprofileavailcas = new ArrayList();
           for(int i=0;i < values.length;i++){
             endentityprofileavailcas.add(new Integer(values[i]));  
           }
           
           boolean endentityprofileallcas = false;
           if(endentityprofileavailcas.contains(new Integer(SecConst.ALLCAS))){
             endentityprofileallcas = true;   
           }
           
           values = endentityprofile.getValue(EndEntityProfile.AVAILCERTPROFILES,0).split(EndEntityProfile.SPLITCHAR); 
           HashMap certificateprofilemap = new HashMap();
           for(int i=0;i < values.length;i++){             
             Integer nextcertprofileid = new Integer(values[i]);
             CertificateProfile certprofile = (CertificateProfile) certproftemp.get(nextcertprofileid);
             if(certprofile == null){
               certprofile = certificatestoresession.getCertificateProfile(administrator,nextcertprofileid.intValue());   
               certproftemp.put(nextcertprofileid,certprofile);
             }
             
             Collection certprofilesavailablecas = certprofile.getAvailableCAs();
             if(certprofilesavailablecas.contains(new Integer(CertificateProfile.ANYCA))){
               ArrayList authorizedcastemp = new ArrayList(authorizedcas);
               if(!endentityprofileallcas)
                 authorizedcastemp.retainAll(endentityprofileavailcas);
               certificateprofilemap.put(nextcertprofileid,authorizedcastemp);
             }else{
               ArrayList authorizedcastemp = new ArrayList(authorizedcas);               
               if(!endentityprofileallcas)
                 authorizedcastemp.retainAll(endentityprofileavailcas);
               authorizedcastemp.retainAll(certprofilesavailablecas);
               certificateprofilemap.put(nextcertprofileid,authorizedcastemp);                 
             }  
           }
           endentityavailablecas.put(nextendentityprofileid, certificateprofilemap);
        } 
      }    
        
      return (HashMap) endentityavailablecas.get(new Integer(endentityprofileid));      
    }

    /**
     *  Returns a administrators set of authorized available accessrules.
     * 
     * @return A HashSet containing the administrators authorized available accessrules.
     */

    public HashSet getAuthorizedAccessRules(){
      if(authorizedaccessrules == null)
	    authorizedaccessrules = new HashSet(authorizationsession.getAuthorizedAvailableAccessRules(administrator));
	    
	   return authorizedaccessrules;
    }

	/**
	 *  @see se.anatom.ejbca.webdist.hardtokeninterface.HardTokenAuthorization.java
	 */	
	public TreeMap getHardTokenProfiles(){	  	    
	   return hardtokenauthorization.getHardTokenProfiles();
	}
	
	/**
	 *  @see se.anatom.ejbca.webdist.hardtokeninterface.HardTokenAuthorization.java
	 */	
	public boolean authorizedToHardTokenProfiles(String name){			  	    
	   return hardtokenauthorization.authorizedToHardTokenProfile(name);
	}
    
	/**
	 *  @see se.anatom.ejbca.webdist.hardtokeninterface.HardTokenAuthorization.java
	 */	
	public TreeMap getHardTokenIssuers(){	  	    
	   return hardtokenauthorization.getHardTokenIssuers();
	}
	
	/**
	 *  @see se.anatom.ejbca.webdist.hardtokeninterface.HardTokenAuthorization.java
	 */	
	public boolean authorizedToHardTokenIssuer(String alias){			  	    
	   return hardtokenauthorization.authorizedToHardTokenIssuer(alias);
	}	


	/**
	 *  @see se.anatom.ejbca.webdist.hardtokeninterface.HardTokenAuthorization.java
	 */	
	public Collection getHardTokenIssuingAdminGroups(){
	  return hardtokenauthorization.getHardTokenIssuingAdminGroups();	
	}

    /**
     * Returns a sorted map with authorized admingroupname -> admingroupid
     */

    public TreeMap getAuthorizedAdminGroups(){
      if(authgroups == null){
        authgroups = new TreeMap();
        HashMap caidtoname = getCAIdToNameMap(); 
        Iterator iter = this.authorizationsession.getAuthorizedAdminGroupNames(administrator).iterator();
        while(iter.hasNext()){
          AdminGroup admingroup = (AdminGroup) iter.next();	
          authgroups.put(admingroup.getAdminGroupName() + ", CA: " + caidtoname.get(new Integer(admingroup.getCAId())),new Integer(admingroup.getAdminGroupId()));
        }              		
      }
    	
      return authgroups;	 
    }


	/**
	 * Returns a map with authorized admingroupid -> admingroupname
	 */
    
    public HashMap getAdminGroupIdToNameMap(){
      if(admingrpidmap == null){
      	TreeMap admingrpnames = getAuthorizedAdminGroups();
		admingrpidmap = new HashMap();
      	Iterator iter = admingrpnames.keySet().iterator();
      	while(iter.hasNext()){
      		Object next = iter.next();
			admingrpidmap.put(admingrpnames.get(next) ,next);	
      	}			
      	
      }
    	
      return admingrpidmap;	
    }

    
    /**
     * Method that should be called every time CA configuration is edited.
     */
    public void cAsEdited(){
      authgroups = null;
      admingrpidmap = null;
      caidtonamemap = null;   
      endentityavailablecas = null;
	  authorizedaccessrules = null;
      logauthorization.clear();
      raauthorization.clear();
      caauthorization.clear();
      hardtokenauthorization.clear();
    }
    

    /**
     * Method that should be called every time a end entity profile has been edited
     */
    public void endEntityProfilesEdited(){
      endentityprofileidtonamemap = null;   
      endentityprofilenameproxy = null;
      endentityavailablecas = null;
	  authorizedaccessrules = null;
      raauthorization.clear();
    }    
    
    /**
     * Method that should be called every time a certificate profile has been edited
     */
    public void certificateProfilesEdited(){
      certificateprofileidtonamemap = null;
      certificateprofilenameproxy = null;
      endentityavailablecas = null;
      raauthorization.clear();
      caauthorization.clear();
      hardtokenauthorization.clear();
    }
    
    /**
     * Method that should be called every time a publisher has been edited
     */
    public void publishersEdited(){
    	publisheridtonamemap = null;
    	publishernames = null;    	
    } 
    
    /**
     * Method that should be called every time a administrative privilegdes has been edited
     */
    public void administrativePriviledgesEdited(){
      endentityavailablecas = null;
	  authgroups = null;  
	  admingrpidmap = null;
      logauthorization.clear();   
      raauthorization.clear();
      caauthorization.clear();
	  hardtokenauthorization.clear();
    }    

	/**
	 * Method that should be called every time hard token issuers has been edited
	 */
	public void hardTokenDataEdited(){	 
	  hardtokenauthorization.clear();
	}    

    
    /**
     * Method that should be called every time the system configuration has been edited
     */    
    public void systemConfigurationEdited(GlobalConfiguration globalconfiguration){
      this.globalconfiguration = globalconfiguration;
	  logauthorization.clear();   
	  raauthorization.clear();
	  caauthorization.clear();
	  hardtokenauthorization.clear();
    }
    
    
    // Private fields
    private Admin administrator;
    // Session Bean interfaces
    private ICAAdminSessionLocal caadminsession;
    private IRaAdminSessionLocal raadminsession;
    private IAuthorizationSessionLocal authorizationsession;
    private ISignSessionLocal signsession;
    private IPublisherSessionLocal publishersession;
    private ICertificateStoreSessionLocal certificatestoresession;
    
    // Memory variables.
    LogAuthorization logauthorization = null;
    RAAuthorization raauthorization = null;
    CAAuthorization caauthorization = null;
    HardTokenAuthorization hardtokenauthorization = null;
    
    HashMap endentityprofileidtonamemap = null;
    HashMap caidtonamemap = null;
    HashMap certificateprofileidtonamemap = null;    
    HashMap endentityavailablecas = null;
    HashMap publisheridtonamemap = null;

    TreeMap authgroups = null;
    TreeMap publishernames = null;
    HashMap admingrpidmap = null;
    
    HashSet authorizedaccessrules = null;
    
    GlobalConfiguration globalconfiguration = null;
    EndEntityProfileNameProxy endentityprofilenameproxy = null;
    CertificateProfileNameProxy certificateprofilenameproxy = null;
}