diff options
Diffstat (limited to 'spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java')
| -rw-r--r-- | spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java | 967 |
1 files changed, 0 insertions, 967 deletions
diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java deleted file mode 100644 index d67cbf1b4..000000000 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java +++ /dev/null @@ -1,967 +0,0 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-SPSS has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.spss.server.config; - -import iaik.asn1.structures.Name; -import iaik.pki.revocation.RevocationSourceTypes; -import iaik.utils.RFC2253NameParser; -import iaik.utils.RFC2253NameParserException; - -import java.io.File; -import java.io.FileInputStream; -import java.io.IOException; -import java.math.BigInteger; -import java.net.URL; -import java.security.Principal; -import java.security.cert.X509Certificate; -import java.util.ArrayList; -import java.util.Collections; -import java.util.Iterator; -import java.util.List; -import java.util.Map; -import java.util.Map.Entry; -import java.util.Set; - -import org.w3c.dom.Element; - -import at.gv.egovernment.moa.logging.LogMsg; -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.spss.api.common.TSLConfiguration; -import at.gv.egovernment.moa.spss.util.MessageProvider; -import at.gv.egovernment.moa.util.DOMUtils; - -/** - * A class providing access to the MOA configuration data. - * - * <p>Configuration data is read from an XML file, whose location is given by - * the <code>moa.spss.server.configuration</code> system property.</p> - * <p>This class implements the Singleton pattern. The <code>reload()</code> - * method can be used to update the configuration data. Therefore, it is not - * guaranteed that consecutive calls to <code>getInstance()</code> will return - * the same <code>ConfigurationProvider</code> all the time. During the - * processing of a web service request, the current - * <code>TransactionContext</code> should be used to obtain the - * <code>ConfigurationProvider</code> local to that request.</p> - * - * @author Patrick Peck - * @author Sven Aigner - * @version $Id$ - */ -public class ConfigurationProvider -{ - /** - * The name of the system property which contains the file name of the - * configuration file. - */ - public static final String CONFIG_PROPERTY_NAME = - "moa.spss.server.configuration"; - - /** - * A fake <code>IssuerAndSerial</code> object for storing KeyGroup information - * accessible by all clients. - */ - private static final IssuerAndSerial ANONYMOUS_ISSUER_SERIAL = - new IssuerAndSerial(new Name(), new BigInteger("0")); - - /** Singleton instance. <code>null</code>, if none has been created. */ - private static ConfigurationProvider instance; - - // - // configuration data - // - - /** The warnings generated when building the configuration. */ - private List warnings = new ArrayList(); - - /** The default digest method algorithm name */ - private String digestMethodAlgorithmName; - - /** The default canonicalization algorithm name */ - private String canonicalizationAlgorithmName; - - /** The XAdES version used for signature creation */ - private String xadesVersion; - - /** - * A <code>List</code> of <code>HardwareCryptoModule</code> objects for - * configuring hardware modules. - */ - private List hardwareCryptoModules; - - /** - * A <code>List</code> of <code>HardwareKey</code> objects containing the - * configuration data for hardware keys. - */ - private List hardwareKeyModules; - - /** - * A <code>List</code> of <code>SoftwareKey</code> objects containing the - * configuration data for software keys. - */ - private List softwareKeyModules; - - /** - * A <code>Map</code> which contains a KeyGroupId (a <code>String</code>) to - * KeyGroup mapping. - */ - private Map keyGroups; - - /** - * A <code>Map</code> which contains the <code>IssuerAndSerial</code> to - * <code>KeyGroup</code> mapping. - */ - private Map keyGroupMappings; - - /** The default chaining mode. */ - private String defaultChainingMode; - - /** - * A <code>Map</code> which contains the <code>IssuerAndSerial</code> to - * chaining mode (a <code>String</code>) mapping. - */ - private Map chainingModes; - - /** - * A <code>Map</code> which contains the CAIssuerDN (a <code>String</code>) - * to distribution points (a <code>Set</code> of - * <code>DistributionPoint</code>s) mapping. - */ - - private Map distributionPoints; - /** - * The CRL archive duration. - */ - private int cRLArchiveDuration; - - /** - * Indicates whether revocation information should be archived. - */ - private boolean enableRevocationArchiving_; - - /** - * The location of the certificate store. - */ - private String certStoreLocation_; - - /** - * A <code>Map</code> which contains a mapping from - * CreateSignatureEnvironmentProfile Ids (<code>String</code>) to - * CreateSignatureEnvironmentProfile elements (an <code>Element</code>). - */ - private Map createSignatureEnvironmentProfiles; - - /** - * A <code>Map</code> which contains a mapping from - * CreateTransformsInfoProfile Ids (<code>String</code>) to - * CreateTransformsInfoProfile elements (an <code>Element</code>). - */ - private Map createTransformsInfoProfiles; - - /** - * A <code>Map</code> which contains a mapping from - * VerifyTransformsInfoProfile Ids (<code>String</code>) to - * VerifyTransformsInfoProfile elements (an <code>Element</code>). - */ - private Map verifyTransformsInfoProfiles; - - /** - * A <code>Map</code> which contains a mapping from - * SupplementProfile Ids (<code>String</code>) to SupplementProfile elements - * (an <code>Element</code>). - */ - private Map supplementProfiles; - - /** - * A <code>Map</code> which contains a TrustProfile Id (a <code>String</code> - * to trust profile (a <code>TrustProfile</code>) mapping. - */ - private Map trustProfiles; - - /** - * The JDBC URL for the revocation archive database. - */ - private String revocationArchiveJDBCURL_; - - /** - * The JDBC driver class name for the revocation archive database. - */ - private String revocationArchiveJDBCDriverClass_; - - /** - * Indicates whether revocation checking should be done. - */ - private boolean enableRevocationChecking_; - - /** - * The maximum age of a revocation information for considering it still as valid. - */ - private long maxRevocationAge_; - - /** - * The service order for revocation checking. - */ - private String[] serviceOrder_; - - /** - * Indicates whether certificates found during certificate path construction - * should be added to the certificate store. - */ - private boolean autoAddCertificates_; - - /** - * Indicates whether the certificate extension Authority Info Access should - * be used during certificate path construction. - */ - private boolean useAuthorityInfoAccess_; - /** - * Indicates whether file URIs are allowed or not - */ - private boolean permitFileURIs; - - /** - * Indicates the CRL retention intervals - */ - private Map crlRetentionIntervals; - - /** - * Indicates wether external URIs are allowed or not - */ - private boolean allowExternalUris_; - - /** - * A <code>List</code> of black listed URIs (host and port) - */ - private List blackListedUris_; - - /** - * A <code>List</code> of white listed URIs (host and port) - */ - private List whiteListedUris_; - - /** - * A <code>TSLConfiguration</code> that represents the global TSL configuration - */ - private TSLConfiguration tslconfiguration_; - - - /** - * Return the single instance of configuration data. - * - * @return MOAConfigurationProvider The current configuration data. - * @throws ConfigurationException Failure to load the configuration data. - */ - public static synchronized ConfigurationProvider getInstance() - throws ConfigurationException { - - if (instance == null) { - reload(); - } - return instance; - } - - /** - * Reload the configuration data and set it if successful. - * - * @return MOAConfigurationProvider The loaded configuration data. - * @throws ConfigurationException Failure to load the configuration data. - */ - public static synchronized ConfigurationProvider reload() - throws ConfigurationException { - String fileName = System.getProperty(CONFIG_PROPERTY_NAME); - - if (fileName == null) { - // find out where we are running and use the configuration provided - // under WEB-INF/conf/moa-spss/MOA-SPSSConfiguration - URL url = ConfigurationProvider.class.getResource("/"); - fileName = - new File(url.getPath()).getParent() - + "/conf/moa-spss/MOA-SPSSConfiguration.xml"; - info("config.05", new Object[] { CONFIG_PROPERTY_NAME }); - } - - instance = new ConfigurationProvider(fileName); - return instance; - } - - /** - * Constructor for ConfigurationProvider. - * - * @param fileName The name of the configuration file. - * @throws ConfigurationException An error occurred loading the configuration. - */ - public ConfigurationProvider(String fileName) throws ConfigurationException { - load(fileName); - } - - /** - * Load the configuration data from XML file with the given name and build - * the internal data structures representing the MOA configuration. - * - * @param fileName The name of the XML file to load. - * @throws ConfigurationException The MOA configuration could not be - * read/built. - */ - private void load(String fileName) throws ConfigurationException { - FileInputStream stream = null; - File configFile; - File configRoot; - Element configElem; - ConfigurationPartsBuilder builder; - List allKeyModules; - - - // load the main config file - try { - configFile = new File(fileName); - configRoot = new File(configFile.getParent()); - info("config.21", new Object[] { configFile.getAbsoluteFile()}); - stream = new FileInputStream(fileName); - configElem = DOMUtils.parseXmlValidating(new FileInputStream(fileName)); - } catch (Throwable t) { - throw new ConfigurationException("config.10", null, t); - } - - // build the internal datastructures - try { - builder = new ConfigurationPartsBuilder(configElem, configRoot); - - if (builder.checkTrustProfilesTSLenabled()) { - debug("TSL support enabled for at least one trustprofile."); - tslconfiguration_ = builder.getTSLConfiguration(); - trustProfiles = builder.buildTrustProfiles(tslconfiguration_.getWorkingDirectory()); - } - else { - tslconfiguration_ = null; - trustProfiles = builder.buildTrustProfiles(); - } - - digestMethodAlgorithmName = builder.getDigestMethodAlgorithmName(); - canonicalizationAlgorithmName = - builder.getCanonicalizationAlgorithmName(); - hardwareCryptoModules = builder.buildHardwareCryptoModules(); - hardwareKeyModules = - builder.buildHardwareKeyModules(Collections.EMPTY_LIST); - softwareKeyModules = - builder.buildSoftwareKeyModules(hardwareKeyModules); - allKeyModules = new ArrayList(hardwareKeyModules); - allKeyModules.addAll(softwareKeyModules); - keyGroups = builder.buildKeyGroups(allKeyModules); - keyGroupMappings = - builder.buildKeyGroupMappings(keyGroups, ANONYMOUS_ISSUER_SERIAL); - - xadesVersion = builder.getXAdESVersion(); - defaultChainingMode = builder.getDefaultChainingMode(); - chainingModes = builder.buildChainingModes(); - useAuthorityInfoAccess_ = builder.getUseAuthorityInfoAccess(); - autoAddCertificates_ = builder.getAutoAddCertificates(); - //trustProfiles = builder.buildTrustProfiles(tslconfiguration_.getWorkingDirectory()); - - - distributionPoints = builder.buildDistributionPoints(); - enableRevocationChecking_ = builder.getEnableRevocationChecking(); - maxRevocationAge_ = builder.getMaxRevocationAge(); - serviceOrder_ = builder.getServiceOrder(); - enableRevocationArchiving_ = builder.getEnableRevocationArchiving(); - cRLArchiveDuration = builder.getRevocationArchiveDuration(); - revocationArchiveJDBCURL_ = builder.getRevocationArchiveJDBCURL(); - revocationArchiveJDBCDriverClass_ = builder.getRevocationArchiveJDBCDriverClass(); - - - - //check TSL configuration - checkTSLConfiguration(); - - - - certStoreLocation_ = builder.getCertStoreLocation(); - createTransformsInfoProfiles = builder.buildCreateTransformsInfoProfiles(); - createSignatureEnvironmentProfiles = builder.buildCreateSignatureEnvironmentProfiles(); - verifyTransformsInfoProfiles = builder.buildVerifyTransformsInfoProfiles(); - supplementProfiles = builder.buildSupplementProfiles(); - warnings = new ArrayList(builder.getWarnings()); - permitFileURIs = builder.getPermitFileURIs(); - crlRetentionIntervals = builder.getCrlRetentionIntervals(); - - allowExternalUris_= builder.allowExternalUris(); - - if (allowExternalUris_) { - blackListedUris_ = builder.buildPermitExternalUris(); - whiteListedUris_ = null; - } - else { - info("config.35", null); - blackListedUris_ = null; - whiteListedUris_ = builder.buildForbidExternalUris(); - } - - - -// Set set = crlRetentionIntervals.entrySet(); -// Iterator i = set.iterator(); -// while(i.hasNext()){ -// Map.Entry me = (Map.Entry)i.next(); -// System.out.println("Key: " + me.getKey() + " - Value: " + me.getValue() ); -// } - - - } catch (Throwable t) { - throw new ConfigurationException("config.11", null, t); - } finally { - try { - if (stream != null) { - stream.close(); - } - } catch (IOException e) { - // don't complain about this - } - } - } - - private boolean checkTSLenableTrustprofilesExist()throws ConfigurationException { - boolean bTSLEnabledTPExist = false; - Iterator it = trustProfiles.entrySet().iterator(); - while (it.hasNext()) { - Map.Entry pairs = (Map.Entry)it.next(); - TrustProfile tp = (TrustProfile) pairs.getValue(); - if (tp.isTSLEnabled()) - bTSLEnabledTPExist = bTSLEnabledTPExist || true; - } - - return bTSLEnabledTPExist; - - } - - private void checkTSLConfiguration() throws ConfigurationException { - boolean bTSLEnabledTPExist = false; - Iterator it = trustProfiles.entrySet().iterator(); - while (it.hasNext()) { - Map.Entry pairs = (Map.Entry)it.next(); - TrustProfile tp = (TrustProfile) pairs.getValue(); - if (tp.isTSLEnabled()) - bTSLEnabledTPExist = bTSLEnabledTPExist || true; - } - - if (!bTSLEnabledTPExist) { - // if no trustprofile has TSL support enabled, delete TSL configuration - tslconfiguration_ = null; - return; - } - - if (bTSLEnabledTPExist && (tslconfiguration_ == null)) { - error("config.40", null); - throw new ConfigurationException("config.40", null); - } - - File workingDir = new File(tslconfiguration_.getWorkingDirectory()); - File eu_trust = new File(workingDir.getAbsolutePath() + "/trust/eu"); - if (!eu_trust.exists()) { - error("config.51", new Object[] {"Verzeichnis \"trust/eu\" existiert nicht"}); - throw new ConfigurationException("config.51", new Object[] {"Verzeichnis \"trust/eu\" existiert nicht"}); - } - else { - File[] eutrustFiles = eu_trust.listFiles(); - if (eutrustFiles == null) { - error("config.51", new Object[] {"Verzeichnis \"trust/eu\" ist leer"}); - throw new ConfigurationException("config.51", new Object[] {"Verzeichnis \"trust/eu\" ist leer"}); - } - else { - if (eutrustFiles.length == 0) { - error("config.51", new Object[] {"Verzeichnis \"trust/eu\" ist leer"}); - throw new ConfigurationException("config.51", new Object[] {"Verzeichnis \"trust/eu\" ist leer"}); - } - } - - } - - File hashcache = new File(tslconfiguration_.getWorkingDirectory(), "hashcache"); - if (!hashcache.exists()) { - hashcache.mkdir(); - } - if (!hashcache.isDirectory()) { - error("config.38", new Object[] { hashcache.getAbsolutePath() }); - return; - } - - System.setProperty("iaik.xml.crypto.tsl.BinaryHashCache.DIR", hashcache.getAbsolutePath()); -// String hashcachedir = System.getProperty("iaik.xml.crypto.tsl.BinaryHashCache.DIR"); -// System.out.println("Hashcache: " + hashcachedir); - - - Logger.debug("TSL Konfiguration - Hashcache: " + hashcache.getAbsolutePath()); - - - } - - - /** - * Returns the warnings encountered during building the configuration. - * - * @return A <code>List</code> of <code>String</code>s, containing the - * warning messages. - */ - public List getWarnings() { - return warnings; - } - - /** - * Return the name of the digest algorithm used during signature creation. - * - * @return The digest method algorithm name, or an empty <code>String</code>, - * if none has been configured. - */ - public String getDigestMethodAlgorithmName() { - return digestMethodAlgorithmName; - } - - /** - * Return the XAdES version used for signature creation. - * - * @return The XAdES version used for signature creation, or an empty <code>String</code>, - * if none has been configured. - */ - public String getXAdESVersion() { - return xadesVersion; - } - - public boolean getAllowExternalUris() { - return this.allowExternalUris_; - } - - public List getBlackListedUris() { - return this.blackListedUris_; - } - public List getWhiteListedUris() { - return this.whiteListedUris_; - } - - /** - * Return the name of the canonicalization algorithm used during signature - * creation. - * - * @return The canonicalization algorithm name, or an empty - * <code>String</code> if none has been configured. - */ - public String getCanonicalizationAlgorithmName() { - return canonicalizationAlgorithmName; - } - - /** - * Return the configured hardware crypto modules. - * - * @return A <code>List</code> of <code>HardwareCryptoModule</code> objects - * containing the hardware crypto module configurations. - */ - public List getHardwareCryptoModules() { - return hardwareCryptoModules; - } - - /** - * Return the hardware key modules configuration. - * - * @return A <code>List</code> of <code>HardwareKeyModule</code> objects - * containing the configuration of the hardware key modules. - */ - public List getHardwareKeyModules() { - return hardwareKeyModules; - } - - /** - * Return the software key module configuration. - * - * @return A <code>List</code> of <code>SoftwareKeyModule</code> objects - * containing the configuration of the software key modules. - */ - public List getSoftwareKeyModules() { - return softwareKeyModules; - } - - /** - * Return the key group mapping. - * - * @return A mapping from key group ID (a <code>String</code>) to - * <code>KeyGroup</code> mapping. - */ - public Map getKeyGroups() { - return keyGroups; - } - - public KeyGroup getKeyGroup(String keyGroupId) { - KeyGroup keyGroup = (KeyGroup) keyGroups.get(keyGroupId); - return keyGroup; - } - - /** - * Return the set of <code>KeyGroupEntry</code>s of a given key group, which a - * client (identified by an issuer/serial pair) may access. - * - * @param issuer The issuer of the client certificate. - * @param serial The serial number of the client certificate. - * @param keyGroupId The ID of the key group. - * @return A <code>Set</code> of all the <code>KeyGroupEntry</code>s in the - * given key group, if the user may access them. Returns <code>null</code>, if - * the user may not access the given key group or if the key group does not - * exist. - */ - public Set getKeyGroupEntries( - Principal issuer, - BigInteger serial, - String keyGroupId) { - - IssuerAndSerial issuerAndSerial; - Map mapping; - - if (issuer == null && serial == null) { - issuerAndSerial = ANONYMOUS_ISSUER_SERIAL; - } else { - issuerAndSerial = new IssuerAndSerial(issuer, serial); - } - -// System.out.println("Issuer: " + issuer); -// System.out.println("serial: " + serial); -// -// Iterator entries = keyGroupMappings.entrySet().iterator(); -// while (entries.hasNext()) { -// Entry thisEntry = (Entry) entries.next(); -// System.out.println("Entry: " + thisEntry.getKey()); -// System.out.println("Value: " + thisEntry.getValue()); -// } - - mapping = (Map) keyGroupMappings.get(issuerAndSerial); - if (mapping != null) { - KeyGroup keyGroup = (KeyGroup) mapping.get(keyGroupId); - - if (keyGroup != null) { - return keyGroup.getKeyGroupEntries(); - } - } - - // If no key group is available for a client identified by a certificate, - // try to find a key group in the anonymous key group mapping - if (issuer != null || serial != null) - { - mapping = (Map) keyGroupMappings.get(ANONYMOUS_ISSUER_SERIAL); - if (mapping != null) - { - KeyGroup keyGroup = (KeyGroup) mapping.get(keyGroupId); - if (keyGroup != null) return keyGroup.getKeyGroupEntries(); - } - } - - return null; - } - - /** - * Return the chaining mode for a given trust anchor. - * - * @param trustAnchor The trust anchor for which the chaining mode should be - * returned. - * @return The chaining mode for the given trust anchor. If the trust anchor - * has not been configured separately, the system default will be returned. - */ - public String getChainingMode(X509Certificate trustAnchor) { - Principal issuer = trustAnchor.getIssuerDN(); - BigInteger serial = trustAnchor.getSerialNumber(); - IssuerAndSerial issuerAndSerial = new IssuerAndSerial(issuer, serial); - - String mode = (String) chainingModes.get(issuerAndSerial); - return mode != null ? mode : defaultChainingMode; - } - - /** - * Return the distribution points for a given CA. - * - * @param cert The certificate for which the distribution points should be - * looked up. The issuer information is used to perform the lookup. - * - * @return A <code>Set</code> of <code>DistributionPoint</code> objects. The - * set will be empty, if no distribution points have been configured - * for this certificate. - */ - public Set getDistributionPoints(X509Certificate cert) - { - try { - RFC2253NameParser nameParser = - new RFC2253NameParser(cert.getIssuerDN().toString()); - String caIssuerDN = nameParser.parse().getName(); - Set dps = (Set) distributionPoints.get(caIssuerDN); - - if (dps == null) { - return Collections.EMPTY_SET; - } - return dps; - } catch (RFC2253NameParserException e) { - return Collections.EMPTY_SET; - } - } - - /** - * Return the CRL archive duration. - * - * @return The duration of how long to keep CRL archive entries (measured in - * days). - */ - public int getCRLArchiveDuration() { - return cRLArchiveDuration; - } - - /** - * Returns whether revocation information should be archived. - * - * @return whether revocation information should be archived. - */ - public boolean getEnableRevocationArchiving() - { - return enableRevocationArchiving_; - } - - /** - * Returns the location of the certificate store. - * - * @return the location of the certificate store. - */ - public String getCertStoreLocation() - { - return certStoreLocation_; - } - - /** - * Return a <code>CreateTransformsInfoProfile</code> with the given ID. - * - * @param id The <code>CreateTransformsInfoProfile</code> ID. - * @return The <code>CreateTransformsInfoProfile</code> with the given - * ID or <code>null</code>, if none exists. - */ - public Element getCreateTransformsInfoProfile(String id) { - return (Element) createTransformsInfoProfiles.get(id); - } - - /** - * Return a <code>CreateSignatureEnvironmentProfile</code> with the given ID. - * - * @param id The <code>CreateSignatureEnvironmentProfile</code> ID. - * @return The <code>CreateSignatureEnvironmentProfile</code> with the given - * ID or <code>null</code>, if none exists. - */ - public Element getCreateSignatureEnvironmentProfile(String id) { - return (Element) createSignatureEnvironmentProfiles.get(id); - } - - /** - * Return a <code>VerifyTransformsInfoProfile</code> with the given ID. - * - * @param id The <code>VerifyTransformsInfoProfile</code> ID. - * @return The <code>VerifyTransformsInfoProfile</code> with the given ID or - * <code>null</code>, if none exists. - */ - public Element getVerifyTransformsInfoProfile(String id) { - return (Element) verifyTransformsInfoProfiles.get(id); - } - - /** - * Return a <code>SupplementProfile</code> with the given ID. - * - * @param id The <code>SupplementProfile</code> ID. - * @return The <code>SupplementProfile</code> with the given ID or - * <code>null</code>, if none exists. - */ - public Element getSupplementProfile(String id) { - return (Element) supplementProfiles.get(id); - } - - /** - * Return a <code>TrustProfile</code> with the given ID. - * - * @param id The <code>TrustProfile</code> ID. - * @return The <code>TrustProfile</code> with the given ID or - * <code>null</code>, if none exists. - */ - public TrustProfile getTrustProfile(String id) { - return (TrustProfile) trustProfiles.get(id); - } - - /** - * Returns a map of <code>TrustProfiles</code> - * @return - */ - public Map getTrustProfiles() { - return trustProfiles; - } - - /** - * Log a warning. - * - * @param messageId The message ID. - * @param parameters Additional parameters for the message. - * @see at.gv.egovernment.moa.spss.server.util.MessageProvider - */ - private static void info(String messageId, Object[] parameters) { - MessageProvider msg = MessageProvider.getInstance(); - Logger.info(new LogMsg(msg.getMessage(messageId, parameters))); - } - - /** - * Log a debug message. - * - * @param messageId The message ID. - * @param parameters Additional parameters for the message. - * @see at.gv.egovernment.moa.spss.server.util.MessageProvider - */ - private static void debug(String message) { - Logger.debug(message); - } - - /** - * Log a warning. - * - * @param messageId The message ID. - * @param args Additional parameters for the message. - * @see at.gv.egovernment.moa.spss.server.util.MessageProvider - */ - private void warn(String messageId, Object[] args) { - MessageProvider msg = MessageProvider.getInstance(); - String txt = msg.getMessage(messageId, args); - - Logger.warn(new LogMsg(txt)); - warnings.add(txt); - } - - /** - * Log an error. - * - * @param messageId The message ID. - * @param args Additional parameters for the message. - * @see at.gv.egovernment.moa.spss.server.util.MessageProvider - */ - private void error(String messageId, Object[] args) { - MessageProvider msg = MessageProvider.getInstance(); - String txt = msg.getMessage(messageId, args); - - Logger.warn(new LogMsg(txt)); -// warnings.add(txt); - } - - /** - * Returns the JDBC URL for the revocation archive database. - * - * @return the JDBC URL for the revocation archive database. - */ - public String getRevocationArchiveJDBCURL() - { - return revocationArchiveJDBCURL_; - } - - /** - * Returns the JDBC driver class name for the revocation archive database. - * - * @return the JDBC driver class name for the revocation archive database. - */ - public String getRevocationArchiveJDBCDriverClass() - { - return revocationArchiveJDBCDriverClass_; - } - - /** - * Returns whether revocation checking should be done. - * - * @return whether revocation checking should be done. - */ - public boolean getEnableRevocationChecking() - { - return enableRevocationChecking_; - } - - /** - * Returns the maximum age of a revocation information for considering it - * still as valid. - * - * @return the maximum age of a revocation information for considering it - * still as valid. - */ - public long getMaxRevocationAge() - { - return maxRevocationAge_; - } - - /** - * Returns the service order for revocation checking. - * - * @return the service order for revocation checking. Valid array entries are - * {@link RevocationSourceTypes#OCSP} and {@link RevocationSourceTypes#CRL}. - */ - public String[] getServiceOrder() - { - return serviceOrder_; - } - - /** - * Returns whether certificates found during certificate path construction - * should be added to the certificate store. - * - * @return whether certificates found during certificate path construction - * should be added to the certificate store. - */ - public boolean getAutoAddCertificates() - { - return autoAddCertificates_; - } - - /** - * Returns whether the certificate extension Authority Info Access should - * be used during certificate path construction. - * - * @return whether the certificate extension Authority Info Access should - * be used during certificate path construction. - */ - public boolean getUseAuthorityInfoAccess() - { - return useAuthorityInfoAccess_; - } - - /** - * Returns whether the file URIs are permitted or not - * @return whether the file URIs are permitted or not - */ - public boolean getPermitFileURIs() - { - return permitFileURIs; - } - - /** - * Returns the map of retention intervals - * @return The map of retention intervals - */ - public Map getCrlRetentionIntervals() { - return crlRetentionIntervals; - } - - /** - * Returns the global TSL configuration - * @return The global TSL configuration - */ - public TSLConfiguration getTSLConfiguration() { - return tslconfiguration_; - } - -}
\ No newline at end of file |