com.netscape.cms.policy.extensions
Class SubjAltNameExt

java.lang.Object
  extended by com.netscape.cms.policy.APolicyRule
      extended by com.netscape.cms.policy.extensions.SubjAltNameExt
All Implemented Interfaces:
IExtendedPluginInfo, IEnrollmentPolicy, IPolicyRule, IPolicy

Deprecated.

public class SubjAltNameExt
extends APolicyRule
implements IEnrollmentPolicy, IExtendedPluginInfo

THIS POLICY HAS BEEN DEPRECATED SINCE CMS 4.2. New Policy is com.netscape.certsrv.policy.SubjectAltNameExt.

Subject Alternative Name extension policy in CMS 4.1. Adds the subject alternative name extension depending on the certificate type requested. Two forms are supported. 1) For S/MIME certificates, email addresses are copied from data stored in the request by the authentication component. Both 'e' and 'altEmail' are supported so that both the primary address and alternative forms may be certified. Only the primary goes in the subjectName position (which should be phased out). e mailAlternateAddress

 NOTE:  The Policy Framework has been replaced by the Profile Framework.
 

Version:
$Revision: 1226 $, $Date: 2010-08-19 14:16:41 -0700 (Thu, 19 Aug 2010) $

Field Summary
protected  boolean mAllowAgentOverride
          Deprecated.  
protected  boolean mAllowEEOverride
          Deprecated.  
protected  boolean mCritical
          Deprecated.  
protected  boolean mEnableManualValues
          Deprecated.  
protected static java.lang.String PROP_AGENT_OVERR
          Deprecated.  
protected static java.lang.String PROP_CRITICAL
          Deprecated.  
protected static java.lang.String PROP_EE_OVERR
          Deprecated.  
protected static java.lang.String PROP_ENABLE_MANUAL_VALUES
          Deprecated.  
 
Fields inherited from class com.netscape.cms.policy.APolicyRule
DESC, mFilterExp, mInstanceName, mLogger, NAME
 
Fields inherited from interface com.netscape.certsrv.policy.IPolicyRule
PROP_ENABLE, PROP_IMPLNAME, PROP_PREDICATE
 
Fields inherited from interface com.netscape.certsrv.base.IExtendedPluginInfo
HELP_TEXT, HELP_TOKEN
 
Constructor Summary
SubjAltNameExt()
          Deprecated.  
 
Method Summary
protected  void addValues(IAuthToken tok, java.lang.String attrName, java.util.Vector v)
          Deprecated. Add attribute values from an LDAP attribute to a vector
 PolicyResult apply(IRequest req)
          Deprecated. Adds the subject alternative names extension if not set already.
 PolicyResult applyCert(IRequest req, netscape.security.x509.X509CertInfo certInfo)
          Deprecated.  
protected  netscape.security.x509.CertificateExtensions createCertificateExtensions(netscape.security.x509.X509CertInfo certInfo)
          Deprecated. Create a new SET of extensions in the certificate info object.
protected  IAuthToken findAuthToken(IRequest req, java.lang.String authMgrName)
          Deprecated. Find a particular authentication token by manager name.
 java.util.Vector getDefaultParams()
          Deprecated. Return default parameters for a policy implementation.
protected  java.util.Vector getEmailList(IAuthToken tok)
          Deprecated. Generate a String Vector containing all the email addresses found in this Authentication token
 java.lang.String[] getExtendedPluginInfo(java.util.Locale locale)
          Deprecated. This method returns an array of strings.
 java.util.Vector getInstanceParams()
          Deprecated. Return configured parameters for a policy rule instance.
 void init(ISubsystem owner, IConfigStore config)
          Deprecated. Initializes this policy rule.
protected  netscape.security.x509.SubjectAlternativeNameExtension mkExt(java.util.Vector emails)
          Deprecated. Make a Subject name extension given a list of email addresses
 
Methods inherited from class com.netscape.cms.policy.APolicyRule
agentApproved, createKeyIdentifier, deferred, formSHA1KeyId, formSpkiSHA1KeyId, getDescription, getInstanceName, getName, getPredicate, log, setError, setError, setError, setInstanceName, setPolicyException, setPolicyException, setPredicate
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface com.netscape.certsrv.policy.IPolicyRule
getDescription, getInstanceName, getName, getPredicate, setError, setInstanceName, setPolicyException, setPredicate
 

Field Detail

PROP_AGENT_OVERR

protected static final java.lang.String PROP_AGENT_OVERR
Deprecated. 
See Also:
Constant Field Values

PROP_EE_OVERR

protected static final java.lang.String PROP_EE_OVERR
Deprecated. 
See Also:
Constant Field Values

PROP_ENABLE_MANUAL_VALUES

protected static final java.lang.String PROP_ENABLE_MANUAL_VALUES
Deprecated. 
See Also:
Constant Field Values

PROP_CRITICAL

protected static final java.lang.String PROP_CRITICAL
Deprecated. 
See Also:
Constant Field Values

mAllowAgentOverride

protected boolean mAllowAgentOverride
Deprecated. 

mAllowEEOverride

protected boolean mAllowEEOverride
Deprecated. 

mEnableManualValues

protected boolean mEnableManualValues
Deprecated. 

mCritical

protected boolean mCritical
Deprecated. 
Constructor Detail

SubjAltNameExt

public SubjAltNameExt()
Deprecated. 
Method Detail

getExtendedPluginInfo

public java.lang.String[] getExtendedPluginInfo(java.util.Locale locale)
Deprecated. 
Description copied from interface: IExtendedPluginInfo
This method returns an array of strings. Each element of the array represents a configurable parameter, or some other meta-info (such as help-token) there is an entry indexed on that parameter name ;[,required];;... Where: type_info is either 'string', 'number', 'boolean', 'password' or 'choice(ch1,ch2,ch3,...)' If the marker 'required' is included after the type_info, the parameter will has some visually distinctive marking in the UI. 'description' is a short sentence describing the parameter 'choice' is rendered as a drop-down list. The first parameter in the list will be activated by default 'boolean' is rendered as a checkbox. The resulting parameter will be either 'true' or 'false' 'string' allows any characters 'number' allows only numbers 'password' is rendered as a password field (the characters are replaced with *'s when being types. This parameter is not passed through to the plugin. It is instead inserted directly into the password cache keyed on the instance name. The value of the parameter 'bindPWPrompt' (see example below) is set to the key. In addition to the configurable parameters, the following magic parameters may be defined: HELP_TOKEN;helptoken - a pointer to the online manual section for this plugin HELP_TEXT;helptext - a general help string describing the plugin For example: "username;string;The username you wish to login as" "bindPWPrompt;password;Enter password to bind as above user with" "algorithm;choice(RSA,DSA);Which algorithm do you want to use" "enable;boolean;Do you want to run this plugin" "port;number;Which port number do you want to use"

Specified by:
getExtendedPluginInfo in interface IExtendedPluginInfo

init

public void init(ISubsystem owner,
                 IConfigStore config)
          throws EBaseException
Deprecated. 
Initializes this policy rule.

The entries may be of the form: ra.Policy.rule..implName=SubjAltNameExt ra.Policy.rule..enable=true

Specified by:
init in interface IPolicyRule
Specified by:
init in class APolicyRule
Parameters:
config - The config store reference
Throws:
EBaseException

apply

public PolicyResult apply(IRequest req)
Deprecated. 
Adds the subject alternative names extension if not set already.

Specified by:
apply in interface IPolicyRule
Specified by:
apply in interface IPolicy
Specified by:
apply in class APolicyRule
Parameters:
req - The request on which to apply policy.
Returns:
The policy result object.

applyCert

public PolicyResult applyCert(IRequest req,
                              netscape.security.x509.X509CertInfo certInfo)
Deprecated. 

findAuthToken

protected IAuthToken findAuthToken(IRequest req,
                                   java.lang.String authMgrName)
Deprecated. 
Find a particular authentication token by manager name. If the token is not present return null


getEmailList

protected java.util.Vector getEmailList(IAuthToken tok)
Deprecated. 
Generate a String Vector containing all the email addresses found in this Authentication token


addValues

protected void addValues(IAuthToken tok,
                         java.lang.String attrName,
                         java.util.Vector v)
Deprecated. 
Add attribute values from an LDAP attribute to a vector


mkExt

protected netscape.security.x509.SubjectAlternativeNameExtension mkExt(java.util.Vector emails)
                                                                throws java.io.IOException
Deprecated. 
Make a Subject name extension given a list of email addresses

Throws:
java.io.IOException

createCertificateExtensions

protected netscape.security.x509.CertificateExtensions createCertificateExtensions(netscape.security.x509.X509CertInfo certInfo)
                                                                            throws java.io.IOException,
                                                                                   java.security.cert.CertificateException
Deprecated. 
Create a new SET of extensions in the certificate info object. This should be a method in the X509CertInfo object

Throws:
java.io.IOException
java.security.cert.CertificateException

getInstanceParams

public java.util.Vector getInstanceParams()
Deprecated. 
Return configured parameters for a policy rule instance.

Specified by:
getInstanceParams in interface IPolicyRule
Specified by:
getInstanceParams in class APolicyRule
Returns:
nvPairs A Vector of name/value pairs.

getDefaultParams

public java.util.Vector getDefaultParams()
Deprecated. 
Return default parameters for a policy implementation.

Specified by:
getDefaultParams in interface IPolicyRule
Specified by:
getDefaultParams in class APolicyRule
Returns:
nvPairs A Vector of name/value pairs.