Class PolicyRule
java.lang.Object
com.netscape.certsrv.request.Policy
org.dogtagpki.legacy.server.policy.PolicyRule
- Direct Known Subclasses:
EnrollmentPolicy
,RenewalPolicy
,RevocationPolicy
The abstract policy rule that concrete implementations will
extend.
NOTE: The Policy Framework has been replaced by the Profile Framework.
-
Field Summary
Fields -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionprotected boolean
agentApproved
(Request req) request has previously been approved by an agentabstract PolicyResult
Applies the policy on the given Request.static org.mozilla.jss.netscape.security.x509.KeyIdentifier
createKeyIdentifier
(org.mozilla.jss.netscape.security.x509.X509Key key) protected PolicyResult
determines whether a DEFERRED policy result should be returned by checking the contents of the AgentApprovals attribute.protected org.mozilla.jss.netscape.security.x509.KeyIdentifier
formSHA1KeyId
(org.mozilla.jss.netscape.security.x509.X509CertInfo certInfo) Form a byte array of octet string key identifier from the sha-1 hash of the Subject Public Key BIT STRING.protected org.mozilla.jss.netscape.security.x509.KeyIdentifier
formSpkiSHA1KeyId
(org.mozilla.jss.netscape.security.x509.X509CertInfo certInfo) Form a byte array of octet string key identifier from the sha-1 hash of the Subject Public Key INFO.Return default parameters for a policy implementation.Gets the description for this policy rule.Returns the name of the policy rule instance.Return configured parameters for a policy rule instance.getName()
Returns the name of the policy rule.Returns the predicate expression for the rule.abstract void
init
(PolicyProcessor owner, ConfigStore config) Initializes the policy rule.void
void
void
void
setInstanceName
(String instanceName) Sets the instance name for a policy rule.void
setPolicyException
(Request req, EBaseException ex) void
setPolicyException
(Request req, String format, Object[] params) void
setPredicate
(IExpression exp) Sets a predicate expression for rule matching.
-
Field Details
-
logger
public static org.slf4j.Logger logger -
PROP_ENABLE
- See Also:
-
PROP_PREDICATE
- See Also:
-
PROP_IMPLNAME
- See Also:
-
NAME
-
DESC
-
mFilterExp
-
mInstanceName
-
-
Constructor Details
-
PolicyRule
public PolicyRule()
-
-
Method Details
-
init
Initializes the policy rule.- Parameters:
config
- The config store reference- Throws:
EBaseException
-
getDescription
Gets the description for this policy rule.- Returns:
- The Description for this rule.
-
setPredicate
Sets a predicate expression for rule matching.- Parameters:
exp
- The predicate expression for the rule.
-
getPredicate
Returns the predicate expression for the rule.- Returns:
- The predicate expression for the rule.
-
getName
Returns the name of the policy rule.- Returns:
- The name of the policy class.
-
setInstanceName
Sets the instance name for a policy rule.- Parameters:
instanceName
- The name of the rule instance.
-
getInstanceName
Returns the name of the policy rule instance.- Returns:
- The name of the policy rule instance if set, else the name of the rule class.
-
apply
Applies the policy on the given Request. -
getInstanceParams
Return configured parameters for a policy rule instance.- Returns:
- nvPairs A Vector of name/value pairs.
-
getDefaultParams
Return default parameters for a policy implementation.- Returns:
- nvPairs A Vector of name/value pairs.
-
setError
-
setError
-
setError
-
setPolicyException
-
deferred
determines whether a DEFERRED policy result should be returned by checking the contents of the AgentApprovals attribute. This call should be used by policy modules instead of returning PolicyResult.DEFERRED directly. -
agentApproved
request has previously been approved by an agent -
setPolicyException
-
createKeyIdentifier
public static org.mozilla.jss.netscape.security.x509.KeyIdentifier createKeyIdentifier(org.mozilla.jss.netscape.security.x509.X509Key key) throws NoSuchAlgorithmException, InvalidKeyException -
formSpkiSHA1KeyId
protected org.mozilla.jss.netscape.security.x509.KeyIdentifier formSpkiSHA1KeyId(org.mozilla.jss.netscape.security.x509.X509CertInfo certInfo) throws EBaseException Form a byte array of octet string key identifier from the sha-1 hash of the Subject Public Key INFO. (including algorithm ID, etc.)- Parameters:
certInfo
- cert info of the certificate.- Returns:
- A Key identifier with the sha-1 hash of subject public key.
- Throws:
EBaseException
-
formSHA1KeyId
protected org.mozilla.jss.netscape.security.x509.KeyIdentifier formSHA1KeyId(org.mozilla.jss.netscape.security.x509.X509CertInfo certInfo) throws EBaseException Form a byte array of octet string key identifier from the sha-1 hash of the Subject Public Key BIT STRING.- Parameters:
certInfo
- cert info of the certificate.- Returns:
- A Key identifier with the sha-1 hash of subject public key.
- Throws:
EBaseException
-