From 35963f5cb727db6b77962a0c58380b73c4e9d952 Mon Sep 17 00:00:00 2001
From: tknall
Date: Tue, 9 Jan 2007 12:15:13 +0000
Subject: git-svn-id: https://joinup.ec.europa.eu/svn/pdf-as/trunk@24 7b5415b0-85f9-ee4d-85bd-d5d0c3b42d1c
---
.../wag/egov/egiz/ldap/client/LDAPClient.java | 65 --------
.../egov/egiz/ldap/client/LDAPClientFactory.java | 119 --------------
.../egiz/ldap/client/LDAPClientFactoryImpl.java | 85 ----------
.../wag/egov/egiz/ldap/client/LDAPClientImpl.java | 175 ---------------------
.../wag/egov/egiz/ldap/client/LDAPException.java | 26 ---
.../wag/egov/egiz/ldap/client/LDAPMapping.java | 155 ------------------
6 files changed, 625 deletions(-)
delete mode 100644 src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPClient.java
delete mode 100644 src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPClientFactory.java
delete mode 100644 src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPClientFactoryImpl.java
delete mode 100644 src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPClientImpl.java
delete mode 100644 src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPException.java
delete mode 100644 src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPMapping.java
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPClient.java b/src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPClient.java
deleted file mode 100644
index 12f69fd..0000000
--- a/src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPClient.java
+++ /dev/null
@@ -1,65 +0,0 @@
-package at.knowcenter.wag.egov.egiz.ldap.client;
-
-import iaik.x509.X509Certificate;
-
-import java.math.BigInteger;
-import java.net.URL;
-
-/**
- * @author Thomas Knall
- */
-public interface LDAPClient {
-
- /**
- * Returns the ldap url this client was registered for.
- *
- * @return The ldap url linked with this client.
- */
- URL getUrl();
-
- /**
- * Sets the ldap url this client should be registered for.
- *
- * @param ldapURL
- * The ldap url linked with this client.
- */
- void setUrl(URL ldapURL);
-
- /**
- * Returns the attribute name that represents the serial number.
- *
- * @return The attribute name representing the serial number.
- */
- String getSerialNumberAttrName();
-
- /**
- * Sets the attribute name that represents the serial number.
- *
- * @param serialNumberAttrName
- * The attribute name representing the serial number.
- */
- void setSerialNumberAttrName(String serialNumberAttrName);
-
- /**
- * Retrieves the certificate(s) matching the filter {@code filter}.
- *
- * @param filter
- * The filter for the ldap request.
- * @return An array of certificates matching the filter {@code filter}.
- * @throws LDAPException
- * Is thrown in case of error.
- */
- X509Certificate[] retrieveCertificates(String filter) throws LDAPException;
-
- /**
- * Retriebes the certificate with the serial number {@code serialNumber}.
- *
- * @param serialNumber
- * The serial number of the required certificate.
- * @return The certificate with the serial number {@code serialNumber}.
- * @throws LDAPException
- * Is thrown in case of error.
- */
- X509Certificate retrieveCertificate(BigInteger serialNumber) throws LDAPException;
-
-}
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPClientFactory.java b/src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPClientFactory.java
deleted file mode 100644
index 3a5ec2d..0000000
--- a/src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPClientFactory.java
+++ /dev/null
@@ -1,119 +0,0 @@
-package at.knowcenter.wag.egov.egiz.ldap.client;
-
-import java.util.Hashtable;
-import java.util.Iterator;
-
-import org.apache.log4j.Logger;
-
-import at.knowcenter.wag.egov.egiz.tools.Normalize;
-
-
-/**
- * @author Thomas Knall
- */
-public abstract class LDAPClientFactory {
-
- private final Logger log = Logger.getLogger(getClass());
-
- private static Hashtable ldapClientFactoryInstances = new Hashtable();
-
- protected static final String DEFAULT_IDENTIFIER = "DEFAULT_IDENTIFIER";
-
- private Hashtable registeredMappings;
- private boolean hasBeenConfigured;
- private Normalize normalizer;
- private boolean whiteSpaceRemoval;
-
- protected LDAPClientFactory() {
- this.registeredMappings = new Hashtable();
- this.hasBeenConfigured = false;
- this.normalizer = null;
- this.whiteSpaceRemoval = false;
- }
-
- public void resetMappings() {
- this.registeredMappings = new Hashtable();
- this.hasBeenConfigured = false;
- }
-
- public boolean hasBeenConfigured() {
- return this.hasBeenConfigured;
- }
-
- public LDAPMapping getMapping(String issuerName) {
- return this.registeredMappings.get(applyFilter(issuerName));
- }
-
- protected Normalize getNormalizer() {
- return this.normalizer;
- }
-
- public synchronized void registerMappings(Iterable iterable) {
- Iterator it = iterable.iterator();
- if (!it.hasNext()) {
- log.warn("There were no ldap mappings provided.");
- } else {
- this.hasBeenConfigured = true;
- }
- while (it.hasNext()) {
- this.registerMapping(it.next());
- }
- }
-
- public synchronized void registerMapping(LDAPMapping... ldapMappings) {
- if (ldapMappings.length == 0) {
- log.warn("There were no ldap mappings provided.");
- } else {
- this.hasBeenConfigured = true;
- }
- for (LDAPMapping ldapMapping : ldapMappings) {
- log.debug("Registering Mapping for " + LDAPClientFactory.class.getSimpleName() + ": " + ldapMapping + ".");
- String issuerName = applyFilter(ldapMapping.getIssuerName().getName());
- if (this.registeredMappings.containsKey(issuerName)) {
- log.warn("Skipping mapping for issuer name \"" + issuerName + "\" because it has already been registered.");
- } else {
- this.registeredMappings.put(issuerName, ldapMapping);
- }
- }
- }
-
- public void setNormalizer(Normalize normalizer) throws LDAPException {
- if (this.hasBeenConfigured) {
- throw new LDAPException("It is not allowed to set a normalizer after mappings have been defined.");
- }
- this.normalizer = normalizer;
- }
-
- public void setWhiteSpaceRemoval(boolean whiteSpaceRemoval) throws LDAPException {
- if (this.hasBeenConfigured) {
- throw new LDAPException("It is not allowed to set whitespace removal after mappings have been defined.");
- }
- this.whiteSpaceRemoval = whiteSpaceRemoval;
- }
-
- private String applyFilter(String text) {
- if (this.normalizer != null) {
- text = this.normalizer.normalize(text);
- }
- if (this.whiteSpaceRemoval) {
- text = text.replaceAll("\\s", "");
- }
- return text;
- }
-
- public static synchronized LDAPClientFactory getInstance(String idenfifier) {
- LDAPClientFactory ldapClientFactoryInstance = ldapClientFactoryInstances.get(idenfifier);
- if (ldapClientFactoryInstance == null) {
- ldapClientFactoryInstance = new LDAPClientFactoryImpl();
- ldapClientFactoryInstances.put(idenfifier, ldapClientFactoryInstance);
- }
- return ldapClientFactoryInstance;
- }
-
- public static synchronized LDAPClientFactory getInstance() {
- return getInstance(DEFAULT_IDENTIFIER);
- }
-
- public abstract LDAPClient createClient(String issuerName) throws LDAPException;
-
-}
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPClientFactoryImpl.java b/src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPClientFactoryImpl.java
deleted file mode 100644
index 88e39c8..0000000
--- a/src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPClientFactoryImpl.java
+++ /dev/null
@@ -1,85 +0,0 @@
-package at.knowcenter.wag.egov.egiz.ldap.client;
-
-import iaik.asn1.ObjectID;
-import iaik.asn1.structures.Name;
-import iaik.utils.RFC2253NameParser;
-import iaik.utils.RFC2253NameParserException;
-
-import java.util.Hashtable;
-
-import org.apache.log4j.Logger;
-
-/**
- * @author Thomas Knall
- */
-public final class LDAPClientFactoryImpl extends LDAPClientFactory {
-
- private final Logger log = Logger.getLogger(getClass());
-
- private Hashtable ldapClients;
-
- protected LDAPClientFactoryImpl() {
- this.ldapClients = new Hashtable();
- }
-
- public static String rfc2253Name2Domain(String nameString) throws RFC2253NameParserException {
- RFC2253NameParser nameParser = new RFC2253NameParser(nameString);
- return rfc2253Name2Domain(nameParser.parse());
- }
-
- public static String rfc2253Name2Domain(Name name) {
- Object[] values = name.getRDNValues(ObjectID.domainComponent);
- if (values == null) {
- return null;
- }
- StringBuffer buffer = new StringBuffer();
- for (int i = values.length - 1; i >= 0; i--) {
- buffer.append(values[i]);
- if (i > 0) {
- buffer.append(".");
- }
- }
- return buffer.toString();
- }
-
- private LDAPClient instantiateLDAPClient(String issuerName) throws LDAPException {
- if (!super.hasBeenConfigured()) {
- log.warn(super.getClass().getSimpleName() + " has not been configured yet.");
- }
- LDAPClient client = null;
- LDAPMapping mapping = super.getMapping(issuerName);
- if (mapping == null) {
- try {
- String alternativeURLString = rfc2253Name2Domain(issuerName);
- if (alternativeURLString == null || alternativeURLString.length() == 0) {
- throw new LDAPException("Neither issuer name \"" + issuerName + "\" has been registered nor domain components were provided.");
- }
- alternativeURLString = "ldap://" + alternativeURLString;
- log.warn("Issuer name \"" + issuerName + "\" has not been registered; trying to instantiate client for url \"" + alternativeURLString + "\"...");
- client = new LDAPClientImpl(alternativeURLString);
- } catch (RFC2253NameParserException e) {
- throw new LDAPException(e);
- }
- } else {
- log.debug("Instantiating LDAP client for " + mapping + ".");
- client = new LDAPClientImpl(mapping);
- }
- return client;
- }
-
- public synchronized LDAPClient createClient(String issuerName) throws LDAPException {
- if (issuerName == null || issuerName.length() == 0) {
- throw new NullPointerException("Issuer name must not be null or empty.");
- }
- if (super.getNormalizer() != null) {
- issuerName = super.getNormalizer().normalize(issuerName);
- }
- LDAPClient ldapClient = ldapClients.get(issuerName);
- if (ldapClient == null) {
- ldapClient = instantiateLDAPClient(issuerName);
- ldapClients.put(issuerName, ldapClient);
- }
- return ldapClient;
- }
-
-}
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPClientImpl.java b/src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPClientImpl.java
deleted file mode 100644
index 3dae9ae..0000000
--- a/src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPClientImpl.java
+++ /dev/null
@@ -1,175 +0,0 @@
-package at.knowcenter.wag.egov.egiz.ldap.client;
-
-import iaik.x509.X509Certificate;
-import iaik.x509.net.ldap.LdapURLConnection;
-
-import java.io.IOException;
-import java.math.BigInteger;
-import java.net.MalformedURLException;
-import java.net.URL;
-
-public final class LDAPClientImpl implements LDAPClient {
-
- // constants
- protected static final String DEFAULT_LDAP_ATTR_SERIAL_NUMBER = "eidCertificateSerialNumber";
- private static final iaik.x509.net.ldap.Handler LDAP_HANDLER = new iaik.x509.net.ldap.Handler();
-
- // fields
- private URL url;
- private String serialNumberAttrName;
-
- // constructors
- protected LDAPClientImpl() {
- this.setSerialNumberAttrName(DEFAULT_LDAP_ATTR_SERIAL_NUMBER);
- }
-
- protected LDAPClientImpl(URL url) {
- this();
- this.setUrl(url);
- }
-
- protected LDAPClientImpl(String urlString) throws LDAPException {
- this();
- try {
- this.setUrl(new URL(null, urlString, LDAP_HANDLER));
- } catch (MalformedURLException e) {
- throw new LDAPException(e);
- }
- }
-
- protected LDAPClientImpl(LDAPMapping ldapMapping) {
- this();
- this.setUrl(ldapMapping.getLdapURL());
- this.setSerialNumberAttrName(ldapMapping.getSerialNumberAttrName());
- }
-
-
- // getter/setter
-
- /*
- * @see at.iaik.commons.ldap.LDAPClient#getUrl()
- */
- public URL getUrl() {
- return this.url;
- }
-
- /*
- * @see at.iaik.commons.ldap.LDAPClient#setUrl(java.net.URL)
- */
- public void setUrl(URL ldapURL) {
- if (ldapURL == null) {
- throw new NullPointerException("LDAP url must not be null.");
- }
- this.url = ldapURL;
- }
-
- /*
- * @see at.iaik.commons.ldap.LDAPClient#getSerialNumberAttrName()
- */
- public String getSerialNumberAttrName() {
- return this.serialNumberAttrName;
- }
-
- /*
- * @see at.iaik.commons.ldap.LDAPClient#setSerialNumberAttrName(java.lang.String)
- */
- public void setSerialNumberAttrName(String serialNumberAttrName) {
- if (serialNumberAttrName != null && serialNumberAttrName.length() == 0) {
- throw new IllegalArgumentException("Serial number attribute name must not be empty");
- }
- this.serialNumberAttrName = serialNumberAttrName != null ? serialNumberAttrName : DEFAULT_LDAP_ATTR_SERIAL_NUMBER;
- }
-
- // service methods
-
- /*
- * @see at.iaik.commons.ldap.LDAPClient#retrieveCertificates(java.lang.String)
- */
- public X509Certificate[] retrieveCertificates(String filter) throws LDAPException {
- if (filter == null) {
- throw new NullPointerException("Filter string must not be null.");
- }
- if (filter.length() == 0) {
- throw new IllegalArgumentException("Filter string must not be empty.");
- }
-
- X509Certificate[] certs = new X509Certificate[] { };
- LdapURLConnection ldapURLConnection = null;
- try {
- this.validateData();
- ldapURLConnection = (LdapURLConnection) this.url.openConnection();
-
- // search for end enity certificates
- ldapURLConnection.setRequestProperty(
- LdapURLConnection.RP_ATTRIBUTE_DESCRIPTION,
- LdapURLConnection.AD_USER_CERTIFICATE
- );
-
- // search subtree
- ldapURLConnection.setRequestProperty(
- LdapURLConnection.RP_SEARCH_SCOPE,
- LdapURLConnection.SEARCH_SCOPE_SUBTREE
- );
-
- //set filter
- ldapURLConnection.setRequestProperty(
- LdapURLConnection.RP_FILTER,
- filter
- );
-
- // connect to the ldap server an read results
- certs = (X509Certificate[]) ldapURLConnection.getContent();
- } catch (IOException e) {
- throw new LDAPException(e);
- } finally {
- if (ldapURLConnection != null) {
- ldapURLConnection.disconnect();
- }
- }
- return certs;
- }
-
- /*
- * @see at.iaik.commons.ldap.LDAPClient#retrieveCertificate(java.math.BigInteger)
- */
- public X509Certificate retrieveCertificate(BigInteger serialNumber) throws LDAPException {
- if (serialNumber == null) {
- throw new NullPointerException("Serial number must not be null");
- }
- this.validateData();
- X509Certificate[] certs = retrieveCertificates("(" + this.serialNumberAttrName + "=" + serialNumber + ")");
- if (certs.length > 1) {
- throw new LDAPException("There was more than one certificate with serial number " + serialNumber + ".");
- } else if (certs.length == 0) {
- return null;
- }
- return certs[0];
- }
-
- // misc
- public void validateData() throws LDAPException {
- if (this.url == null) {
- throw new LDAPException("LDAP URL must not be null.");
- }
- if (this.serialNumberAttrName == null || this.serialNumberAttrName.length() == 0) {
- throw new LDAPException("LDAP key for serial number is null or empty.");
- }
- }
-
- @Override
- public String toString() {
- StringBuffer buffer = new StringBuffer();
- buffer.append("ldapURL = ").append(this.url);
- buffer.append(", serialNumberAttrName = ").append(this.serialNumberAttrName);
- boolean dataValid;
- try {
- this.validateData();
- dataValid = true;
- } catch (LDAPException e) {
- dataValid = false;
- }
- buffer.append("; data seems to be ").append(dataValid ? "valid" : "invalid");
- return buffer.toString();
- }
-
-}
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPException.java b/src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPException.java
deleted file mode 100644
index ed897ea..0000000
--- a/src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPException.java
+++ /dev/null
@@ -1,26 +0,0 @@
-package at.knowcenter.wag.egov.egiz.ldap.client;
-
-/**
- * @author Thomas Knall
- */
-public class LDAPException extends Exception {
-
- private static final long serialVersionUID = 1L;
-
- public LDAPException() {
- super();
- }
-
- public LDAPException(Exception exception) {
- super(exception);
- }
-
- public LDAPException(String message, Exception exception) {
- super(message, exception);
- }
-
- public LDAPException(String message) {
- super(message);
- }
-
-}
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPMapping.java b/src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPMapping.java
deleted file mode 100644
index 8a4ea93..0000000
--- a/src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPMapping.java
+++ /dev/null
@@ -1,155 +0,0 @@
-package at.knowcenter.wag.egov.egiz.ldap.client;
-
-import iaik.asn1.structures.Name;
-import iaik.utils.RFC2253NameParser;
-import iaik.utils.RFC2253NameParserException;
-
-import java.net.MalformedURLException;
-import java.net.URL;
-import java.util.Properties;
-
-import org.apache.log4j.Logger;
-
-/**
- * @author Thomas Knall
- */
-public class LDAPMapping {
-
- // constants
- public static final String PROPERTIES_KEY_ISSUER_NAME = "issuer.name";
- public static final String PROPERTIES_KEY_LDAP_URL = "ldap.url";
- public static final String PROPERTIES_KEY_SERIAL_ATTR_NAME = "serialnumber.attrname";
-
- private final Logger log = Logger.getLogger(getClass());
- private static final iaik.x509.net.ldap.Handler LDAP_HANDLER;
-
- // fields
- private Name issuerName;
- private URL ldapURL;
- private String serialNumberAttrName;
-
- // static initialization
- static {
- LDAP_HANDLER = new iaik.x509.net.ldap.Handler();
- }
-
- // constructors
- protected LDAPMapping() {
- this.setSerialNumberAttrName(LDAPClientImpl.DEFAULT_LDAP_ATTR_SERIAL_NUMBER);
- }
-
- public LDAPMapping(Name issuerName, URL ldapURL) {
- this(issuerName, ldapURL, null);
- }
-
- public LDAPMapping(Name issuerName, URL ldapURL, String serialNumberAttrName) {
- this();
- this.setIssuerName(issuerName);
- this.setLdapURL(ldapURL);
- this.setSerialNumberAttrName(serialNumberAttrName);
- }
-
- public LDAPMapping(String issuerNameString, String ldapURLString) throws LDAPException {
- this(issuerNameString, ldapURLString, null);
- }
-
- public LDAPMapping(String issuerNameString, String ldapURLString, String serialNumberAttrName) throws LDAPException {
- this();
- this.setIssuerName(issuerNameString);
- this.setLdapURL(ldapURLString);
- this.setSerialNumberAttrName(serialNumberAttrName);
- }
-
- public LDAPMapping(Properties properties) throws LDAPException {
- this();
- if (properties == null) {
- throw new NullPointerException("Properties must not be null.");
- }
- String in = properties.getProperty(PROPERTIES_KEY_ISSUER_NAME);
- String sn = properties.getProperty(PROPERTIES_KEY_LDAP_URL);
- String snan = properties.getProperty(PROPERTIES_KEY_SERIAL_ATTR_NAME);
- if (in == null || in.length() == 0) {
- throw new LDAPException("Property \"" + PROPERTIES_KEY_ISSUER_NAME + "\" must not be null or empty.");
- }
- if (sn == null || sn.length() == 0) {
- throw new LDAPException("Property \"" + PROPERTIES_KEY_LDAP_URL + "\" must not be null or empty.");
- }
- this.setIssuerName(in);
- this.setLdapURL(sn);
- this.setSerialNumberAttrName(snan);
- }
-
- // getter/setter
- public Name getIssuerName() {
- return this.issuerName;
- }
-
- public void setIssuerName(Name issuerName) {
- if (issuerName == null) {
- throw new NullPointerException("Issuer name must not be null.");
- }
- this.issuerName = issuerName;
- }
-
- public void setIssuerName(String issuerNameString) throws LDAPException {
- RFC2253NameParser parser = new RFC2253NameParser(issuerNameString.trim());
- try {
- this.setIssuerName(parser.parse());
- } catch (RFC2253NameParserException e) {
- throw new LDAPException(e);
- }
- }
-
- public URL getLdapURL() {
- return this.ldapURL;
- }
-
- public void setLdapURL(URL ldapURL) {
- if (ldapURL == null) {
- throw new NullPointerException("LDAP url must not be null.");
- }
- this.ldapURL = ldapURL;
- }
-
- public void setLdapURL(String ldapURLString) throws LDAPException {
- try {
- this.setLdapURL(new URL(null, ldapURLString.trim(), LDAP_HANDLER));
- } catch (MalformedURLException e) {
- throw new LDAPException(e);
- }
- }
-
- public String getSerialNumberAttrName() {
- return this.serialNumberAttrName;
- }
-
- public void setSerialNumberAttrName(String serialNumberAttrName) {
- if (serialNumberAttrName != null && serialNumberAttrName.length() == 0) {
- throw new IllegalArgumentException("Serial number attribute name must not be empty");
- }
- this.serialNumberAttrName = serialNumberAttrName != null ? serialNumberAttrName.trim() : LDAPClientImpl.DEFAULT_LDAP_ATTR_SERIAL_NUMBER;
- }
-
- // misc
- public void validateData() throws LDAPException {
- if (this.issuerName == null) {
- throw new LDAPException("Issuer name must not be null.");
- }
- if (this.ldapURL == null) {
- throw new LDAPException("LDAP url must not be null.");
- }
- if (serialNumberAttrName == null || serialNumberAttrName.length() == 0) {
- throw new LDAPException("Serial number attribute name must not be null or empty");
- }
- }
-
- @Override
- public String toString() {
- StringBuffer buffer = new StringBuffer();
- buffer.append("issuerName = ").append(this.issuerName != null ? this.issuerName.getName() : null);
- buffer.append(", ldapURL = ").append(this.ldapURL);
- buffer.append(", serialNumberAttrName = ").append(this.serialNumberAttrName);
- return buffer.toString();
- }
-
-}
--
cgit v1.2.3