From 535a04fa05f739ec16dd81666e3b0f82dfbd442d Mon Sep 17 00:00:00 2001 
From: tknall Date: Wed, 9 Jan 2013 15:41:29 +0000 Subject: pdf-as-lib maven project files moved to pdf-as-lib git-svn-id: https://joinup.ec.europa.eu/svn/pdf-as/pdf-as/trunk@926 7b5415b0-85f9-ee4d-85bd-d5d0c3b42d1c --- .../wag/egov/egiz/ldap/api/LDAPAPIException.java | 77 ++++++++ .../wag/egov/egiz/ldap/api/LDAPAPIFactory.java | 55 ++++++ .../wag/egov/egiz/ldap/api/LDAPAPIFactoryImpl.java | 92 +++++++++ .../wag/egov/egiz/ldap/api/LDAPAPIImpl.java | 148 ++++++++++++++ .../wag/egov/egiz/ldap/client/LDAPClient.java | 88 +++++++++ .../egov/egiz/ldap/client/LDAPClientFactory.java | 102 ++++++++++ .../egiz/ldap/client/LDAPClientFactoryImpl.java | 118 ++++++++++++ .../wag/egov/egiz/ldap/client/LDAPClientImpl.java | 214 +++++++++++++++++++++ .../wag/egov/egiz/ldap/client/LDAPException.java | 50 +++++ .../egiz/ldap/client/LDAPIssuerNameFilter.java | 43 +++++ .../wag/egov/egiz/ldap/client/LDAPMapping.java | 181 +++++++++++++++++ .../egov/egiz/ldap/client/LDAPMappingStore.java | 102 ++++++++++ 12 files changed, 1270 insertions(+) create mode 100644 pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/ldap/api/LDAPAPIException.java create mode 100644 pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/ldap/api/LDAPAPIFactory.java create mode 100644 pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/ldap/api/LDAPAPIFactoryImpl.java create mode 100644 pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/ldap/api/LDAPAPIImpl.java create mode 100644 pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPClient.java create mode 100644 pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPClientFactory.java create mode 100644 pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPClientFactoryImpl.java create mode 100644 pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPClientImpl.java create mode 100644 pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPException.java create mode 100644 
pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPIssuerNameFilter.java create mode 100644 pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPMapping.java create mode 100644 pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPMappingStore.java (limited to 'pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/ldap') diff --git a/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/ldap/api/LDAPAPIException.java b/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/ldap/api/LDAPAPIException.java new file mode 100644 index 0000000..9074ded --- /dev/null +++ b/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/ldap/api/LDAPAPIException.java 
@@ -0,0 +1,77 @@
+/**
+ * Copyright 2006 by Know-Center, Graz, Austria
+ * PDF-AS has been contracted by the E-Government Innovation Center EGIZ, a
+ * joint initiative of the Federal Chancellery Austria and Graz University of
+ * Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.knowcenter.wag.egov.egiz.ldap.api;
+
+/**
+ * @author Thomas Knall
+ */
+public class LDAPAPIException extends Exception {
+
+ private static final long serialVersionUID = 1L;
+
+ private Exception exception;
+
+ public Exception getException() {
+ return this.exception;
+ }
+
+ public String getMessage() {
+ String message = super.getMessage();
+ if (message == null && exception != null) {
+ return exception.getMessage();
+ } else {
+ return message;
+ }
+ }
+
+ public LDAPAPIException(String message, Exception exception) {
+ super(message);
+ this.exception = exception;
+ }
+
+ public LDAPAPIException(String message) {
+ super(message);
+ this.exception = null;
+ }
+
+ public LDAPAPIException(Exception exception) {
+ super();
+ this.exception = exception;
+ }
+
+ public LDAPAPIException() {
+ super();
+ this.exception = null;
+
+ }
+
+ public String toString() {
+ if (exception != null) {
+ return exception.toString();
+ } else {
+ return super.toString();
+ }
+ }
+
+}
diff --git a/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/ldap/api/LDAPAPIFactory.java b/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/ldap/api/LDAPAPIFactory.java
new file mode 100644
index 0000000..51ae84f
--- /dev/null
+++ b/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/ldap/api/LDAPAPIFactory.java
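Review bot: The wrapped exception is only stored in the private `exception` field and never handed to `Throwable`, so for both constructors that accept one `getCause()` stays null and a logged stack trace loses the underlying LDAP or I/O failure. Adding `initCause(exception);` after `this.exception = exception;` in those two constructors would keep the cause chain without changing what `getMessage()` or `getException()` return. `toString()` also hides this class's own name and message whenever a wrapped exception is present, which makes it harder to see in logs where the error was raised.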
@@ -0,0 +1,55 @@
+/**
+ * Copyright 2006 by Know-Center, Graz, Austria
+ * PDF-AS has been contracted by the E-Government Innovation Center EGIZ, a
+ * joint initiative of the Federal Chancellery Austria and Graz University of
+ * Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.knowcenter.wag.egov.egiz.ldap.api;
+
+import org.apache.log4j.Logger;
+
+import at.knowcenter.wag.egov.egiz.ldap.client.LDAPIssuerNameFilter;
+import at.knowcenter.wag.egov.egiz.sig.LDAPAPI;
+
+/**
+ * @author Thomas Knall
+ */
+public abstract class LDAPAPIFactory {
+
+ private static LDAPAPIFactory ldapAPIfactoryInstance;
+ private final Logger log = Logger.getLogger(LDAPAPIFactory.class);
+
+ protected LDAPAPIFactory() {
+ }
+
+ public static synchronized LDAPAPIFactory getInstance(LDAPIssuerNameFilter ldapIssuerNameFilter) {
+ if (ldapAPIfactoryInstance == null) {
+ ldapAPIfactoryInstance = new LDAPAPIFactoryImpl(ldapIssuerNameFilter);
+ }
+ return ldapAPIfactoryInstance;
+ }
+
+ public static LDAPAPIFactory getInstance() {
+ return getInstance(null);
+ }
+
+ public abstract LDAPAPI createLDAPAPI(String implClassURI) throws LDAPAPIException;
+
+}
diff --git a/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/ldap/api/LDAPAPIFactoryImpl.java b/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/ldap/api/LDAPAPIFactoryImpl.java
new file mode 100644
index 0000000..61fbaed
--- /dev/null
+++ b/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/ldap/api/LDAPAPIFactoryImpl.java
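Review bot: `getInstance(LDAPIssuerNameFilter)` silently drops its argument once the singleton exists: if any caller has already used the no-arg `getInstance()`, the factory was built with a null filter, and a later call that passes a filter gets that same instance back. The filter is handed on to every `LDAPAPI` the factory creates, so presumably it affects how issuer names are matched, and losing it should not go unnoticed. In the already-initialized path, a call with a non-null filter should at least log a warning or be rejected, for example `throw new IllegalStateException("LDAPAPIFactory already initialized with a different issuer name filter.");`. The instance field `log` is never used in this class and would have to be static to be usable from `getInstance`.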
@@ -0,0 +1,92 @@ +/** + * Copyright 2006 by Know-Center, Graz, Austria + * PDF-AS has been contracted by the E-Government Innovation Center EGIZ, a + * joint initiative of the Federal Chancellery Austria and Graz University of + * Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. 
+ */ +package at.knowcenter.wag.egov.egiz.ldap.api; + +import java.util.Hashtable; + +import org.apache.log4j.Logger; + +import at.knowcenter.wag.egov.egiz.ldap.client.LDAPIssuerNameFilter; +import at.knowcenter.wag.egov.egiz.sig.LDAPAPI; + +/** + * @author Thomas Knall + */ +public class LDAPAPIFactoryImpl extends LDAPAPIFactory { + + private static final Logger log = Logger.getLogger(LDAPAPIFactoryImpl.class); + + // mapping +// private Hashtable ldapImpls; + private Hashtable ldapImpls; + + private LDAPIssuerNameFilter ldapIssuerNameFilter; + + protected LDAPAPIFactoryImpl(LDAPIssuerNameFilter ldapIssuerNameFilter) { + this.ldapImpls = new Hashtable(); + this.ldapIssuerNameFilter = ldapIssuerNameFilter; + } + + private LDAPAPI instantiatelAPIImpl(String implClassURI) throws LDAPAPIException { + if (implClassURI == null) { + throw new NullPointerException("URI of implementing class must not be null."); + } + if (implClassURI.length() == 0) { + throw new IllegalArgumentException("URI of implementing class must not be empty."); + } + log.info("Trying to instantiate \"" + LDAPAPI.class.getName() + "\" implementation \"" + implClassURI + "\"..."); + LDAPAPI ldapAPIImpl = null; + try { + Class clazz = Class.forName(implClassURI); + Object ldapAPIImplObj = clazz.newInstance(); + if (!(ldapAPIImplObj instanceof LDAPAPI)) { + throw new LDAPAPIException("Declared class does not implement \"" + LDAPAPI.class.getName() + "\"."); + } + ldapAPIImpl = (LDAPAPI) ldapAPIImplObj; + log.info("LDAPAPI implementation successfully instantiated."); + ldapAPIImpl.setIssuerNameFilter(this.ldapIssuerNameFilter); + } catch (InstantiationException e) { + throw new LDAPAPIException("Declared implementation of \"" + LDAPAPI.class.getName() + "\" cannot be instantiated."); + } catch (IllegalAccessException e) { + throw new LDAPAPIException("Declared implementation of \"" + LDAPAPI.class.getName() + "\" cannot be instantiated (illegal access)."); + } catch (ClassNotFoundException e) { + throw 
new LDAPAPIException("Unable to find class \"" + implClassURI + "\" as implementation of \"" + LDAPAPI.class.getName() + "\"."); + } + return ldapAPIImpl; + } + + public synchronized LDAPAPI createLDAPAPI(String implClassURI) throws LDAPAPIException { + if (implClassURI == null || implClassURI.length() == 0) { + // use internal implementation + implClassURI = LDAPAPIImpl.class.getName(); + } + LDAPAPI impl = (LDAPAPI) this.ldapImpls.get(implClassURI); + if (impl == null) { + impl = this.instantiatelAPIImpl(implClassURI); + this.ldapImpls.put(implClassURI, impl); + } + return impl; + } + +} diff --git a/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/ldap/api/LDAPAPIImpl.java b/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/ldap/api/LDAPAPIImpl.java new file mode 100644 index 0000000..57c471f --- /dev/null +++ b/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/ldap/api/LDAPAPIImpl.java 
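Review bot: In `instantiatelAPIImpl` the `instanceof LDAPAPI` test runs only after `clazz.newInstance()`, so the static initializer and no-arg constructor of whatever class `implClassURI` names have already executed by the time the type is rejected. Check the type first with `if (!LDAPAPI.class.isAssignableFrom(clazz)) { throw new LDAPAPIException(...); }` before calling `newInstance()`. If the class name comes from configuration (its origin is not visible in this hunk), consider restricting it to a known set of implementations. The three catch blocks also drop `e`; the `LDAPAPIException(String, Exception)` constructor is available to keep it.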
@@ -0,0 +1,148 @@ +/** + * Copyright 2006 by Know-Center, Graz, Austria + * PDF-AS has been contracted by the E-Government Innovation Center EGIZ, a + * joint initiative of the Federal Chancellery Austria and Graz University of + * Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. 
+ */ +package at.knowcenter.wag.egov.egiz.ldap.api; + +import iaik.utils.Util; +import iaik.x509.X509Certificate; + +import java.math.BigInteger; +import java.util.Iterator; +import java.util.List; + +import org.apache.log4j.Logger; + +import at.knowcenter.wag.egov.egiz.cfg.SettingsReader; +import at.knowcenter.wag.egov.egiz.exceptions.SettingNotFoundException; +import at.knowcenter.wag.egov.egiz.exceptions.SettingsException; +import at.knowcenter.wag.egov.egiz.ldap.client.LDAPClient; +import at.knowcenter.wag.egov.egiz.ldap.client.LDAPClientFactory; +import at.knowcenter.wag.egov.egiz.ldap.client.LDAPException; +import at.knowcenter.wag.egov.egiz.ldap.client.LDAPIssuerNameFilter; +import at.knowcenter.wag.egov.egiz.ldap.client.LDAPMapping; +import at.knowcenter.wag.egov.egiz.sig.LDAPAPI; + +/** + * @author Thomas Knall + */ +public class LDAPAPIImpl implements LDAPAPI { + + private final Logger log = Logger.getLogger(this.getClass()); + + /** + * Prefix for specific entry in config properties file. 
+ */ + private static final String PROP_LDAP_PREFIX = "ldap_mapping"; + + private static final String PROP_ISSUER_NAME_POSTFIX = "issuer_name"; + + private static final String PROP_LDAP_URL_POSTFIX = "url"; + + private static final String PROP_SERIAL_ATTR_POSTFIX = "serial_attr"; + + private static final String LDAP_FACTORY_IDENTIFIER = "PDF-AS LDAP Support"; + + private LDAPClientFactory ldapClientFactory; + + private LDAPIssuerNameFilter ldapIssuerNameFilter; + + protected LDAPAPIImpl() { + this.ldapClientFactory = null; + this.ldapIssuerNameFilter = null; + } + + private void initializeFactoryImpl() { + if (this.ldapClientFactory == null) { + try { + SettingsReader settings = SettingsReader.getInstance(); + + this.ldapClientFactory = LDAPClientFactory.getInstance(LDAP_FACTORY_IDENTIFIER); + this.ldapClientFactory.setLDAPIssuerNameFilter(this.ldapIssuerNameFilter); + + List mappingKeys = settings.getKeys(PROP_LDAP_PREFIX); + if (mappingKeys != null) { + Iterator it = mappingKeys.iterator(); + while (it.hasNext()) { + String keyPrefix = PROP_LDAP_PREFIX + "." 
+ (String) it.next() + "."; + String issuerName = settings.getSetting(keyPrefix + PROP_ISSUER_NAME_POSTFIX); + String ldapURL = settings.getSetting(keyPrefix + PROP_LDAP_URL_POSTFIX); + String serialAttr = settings.getSetting(keyPrefix + PROP_SERIAL_ATTR_POSTFIX, + null); + + LDAPMapping ldapMapping = new LDAPMapping(issuerName, ldapURL, serialAttr); + this.ldapClientFactory.registerMapping(ldapMapping); + } + } else { + StringBuffer buffer = new StringBuffer(); + buffer.append(PROP_LDAP_PREFIX).append(".foo.").append(PROP_ISSUER_NAME_POSTFIX) + .append(", "); + buffer.append(PROP_LDAP_PREFIX).append(".foo.").append(PROP_LDAP_URL_POSTFIX) + .append(", "); + buffer.append(PROP_LDAP_PREFIX).append(".foo.").append(PROP_SERIAL_ATTR_POSTFIX); + this.log.warn("There are no LDAP mappings (" + buffer.toString() + + ") declared within config file."); + } + + } catch (SettingsException e) { + this.log.error(e.getMessage(), e); + } catch (SettingNotFoundException e) { + this.log.error(e.getMessage(), e); + } catch (LDAPException e) { + this.log.error(e.getMessage(), e); + } + ; + } + } + + public byte[] loadBase64CertificateFromLDAP(String serialNumber, String issuer) { + this.initializeFactoryImpl(); + byte[] base64CertData = null; + try { + List clients = this.ldapClientFactory.createClients(issuer); + Iterator clientIt = clients.iterator(); + X509Certificate x509certificate = null; + while (clientIt.hasNext() && x509certificate == null) { + LDAPClient client = (LDAPClient) clientIt.next(); + try { + x509certificate = client.retrieveCertificate(new BigInteger(serialNumber)); + } catch (LDAPException e) { + this.log.error(e.getMessage(), e); + } + } + if (x509certificate != null) { + base64CertData = Util.Base64Encode(x509certificate.toByteArray()); + } + } catch (LDAPException e) { + this.log.error(e.getMessage(), e); + } + return base64CertData; + } + + public void setIssuerNameFilter(LDAPIssuerNameFilter filter) throws LDAPAPIException { + if (this.ldapClientFactory != 
null) { + throw new LDAPAPIException("LDAPIssuerNameFilter must be applied before mappings are registered."); + } + this.ldapIssuerNameFilter = filter; + } + +} diff --git a/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPClient.java b/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPClient.java new file mode 100644 index 0000000..1425856 --- /dev/null +++ b/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPClient.java 
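Review bot: `loadBase64CertificateFromLDAP` calls `this.ldapClientFactory.createClients(issuer)` unconditionally, but `initializeFactoryImpl()` only logs a `SettingsException` from `SettingsReader.getInstance()` and leaves `ldapClientFactory` null, so a configuration problem surfaces as a NullPointerException on every lookup. A guard such as `if (this.ldapClientFactory == null) { return null; }` right after the initialization call would keep the method's existing behaviour of returning null when nothing is found. `new BigInteger(serialNumber)` likewise throws an unchecked NumberFormatException for a non-decimal serial, which neither catch block covers. Finally, the certificate that comes back is encoded and returned without comparing its issuer and serial number to the requested values; if callers do not make that check themselves (not visible here), it belongs in this method.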
@@ -0,0 +1,88 @@
+/**
+ * Copyright 2006 by Know-Center, Graz, Austria
+ * PDF-AS has been contracted by the E-Government Innovation Center EGIZ, a
+ * joint initiative of the Federal Chancellery Austria and Graz University of
+ * Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.knowcenter.wag.egov.egiz.ldap.client;
+
+import iaik.x509.X509Certificate;
+
+import java.math.BigInteger;
+import java.net.URL;
+
+/**
+ * @author Thomas Knall
+ */
+public interface LDAPClient {
+
+ /**
+ * Returns the ldap url this client was registered for.
+ *
+ * @return The ldap url linked with this client.
+ */
+ URL getUrl();
+
+ /**
+ * Sets the ldap url this client should be registered for.
+ *
+ * @param ldapURL
+ * The ldap url linked with this client.
+ */
+ void setUrl(URL ldapURL);
+
+ /**
+ * Returns the attribute name that represents the serial number.
+ *
+ * @return The attribute name representing the serial number.
+ */
+ String getSerialNumberAttrName();
+
+ /**
+ * Sets the attribute name that represents the serial number.
+ *
+ * @param serialNumberAttrName
+ * The attribute name representing the serial number.
+ */
+ void setSerialNumberAttrName(String serialNumberAttrName);
+
+ /**
+ * Retrieves the certificate(s) matching the filter {@code filter}.
+ *
+ * @param filter
+ * The filter for the ldap request.
+ * @return An array of certificates matching the filter {@code filter}.
+ * @throws LDAPException
+ * Is thrown in case of error.
+ */
+ X509Certificate[] retrieveCertificates(String filter) throws LDAPException;
+
+ /**
+ * Retriebes the certificate with the serial number {@code serialNumber}.
+ *
+ * @param serialNumber
+ * The serial number of the required certificate.
+ * @return The certificate with the serial number {@code serialNumber}.
+ * @throws LDAPException
+ * Is thrown in case of error.
+ */
+ X509Certificate retrieveCertificate(BigInteger serialNumber) throws LDAPException;
+
+}
diff --git a/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPClientFactory.java b/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPClientFactory.java
new file mode 100644
index 0000000..d88d0b8
--- /dev/null
+++ b/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPClientFactory.java
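Review bot: The Javadoc of `retrieveCertificates(String filter)` does not say that `filter` is passed to the directory as given (the implementation in this commit sets it unchanged as the request filter), so nothing tells callers that values placed into it must be escaped per RFC 4515 first. I would add a sentence such as `The filter is used as given; callers must escape any untrusted value before inserting it.` to the `@param filter` description. The Javadoc of `retrieveCertificate` should also state what is returned when no certificate matches (the implementation in this commit returns null). 'Retriebes' in its first line is a typo for 'Retrieves'.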
@@ -0,0 +1,102 @@
+/**
+ * Copyright 2006 by Know-Center, Graz, Austria
+ * PDF-AS has been contracted by the E-Government Innovation Center EGIZ, a
+ * joint initiative of the Federal Chancellery Austria and Graz University of
+ * Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.knowcenter.wag.egov.egiz.ldap.client;
+
+import iaik.asn1.structures.Name;
+
+import java.util.Hashtable;
+import java.util.List;
+
+import org.apache.log4j.Logger;
+
+
+/**
+ * @author Thomas Knall
+ */
+public abstract class LDAPClientFactory {
+
+ private final Logger log = Logger.getLogger(getClass());
+
+ protected static final String DEFAULT_IDENTIFIER = "default LDAPClientFactory";
+
+ /**
+ * Mapping of category/identifier to LDAPClientFactory.
+ * Allows the usage of multiple independently configured LDAPClientFactoryImpls.
+ */
+// private static Hashtable ldapClientFactoryInstances = new Hashtable();
+ private static Hashtable ldapClientFactoryInstances = new Hashtable();
+
+ private LDAPMappingStore ldapMappingStore;
+
+ protected LDAPClientFactory() {
+ this.ldapMappingStore = new LDAPMappingStore();
+ }
+
+ public List getMappings(String issuerName) throws LDAPException {
+ return this.ldapMappingStore.getMappings(issuerName);
+ }
+
+ public List getMapping(Name name) {
+ return this.ldapMappingStore.getMappings(name);
+ }
+
+ public void resetMappings() {
+ this.ldapMappingStore.clearStore();
+ }
+
+ public boolean hasBeenConfigured() {
+ return !this.ldapMappingStore.isEmpty();
+ }
+
+ public synchronized void registerMapping(LDAPMapping ldapMapping) {
+ this.ldapMappingStore.addMapping(ldapMapping);
+ }
+
+ public void setLDAPIssuerNameFilter(LDAPIssuerNameFilter filter) throws LDAPException {
+ if (this.hasBeenConfigured()) {
+ throw new LDAPException("Not allowed to set filter after registration of mappings.");
+ }
+ this.ldapMappingStore = new LDAPMappingStore(filter);
+ }
+
+ public boolean isLDAPIssuerNameFilter() {
+ return this.ldapMappingStore.isLDAPIssuerNameFilter();
+ }
+
+ public static synchronized LDAPClientFactory getInstance(String identifier) {
+ LDAPClientFactory ldapClientFactoryInstance = (LDAPClientFactory) ldapClientFactoryInstances.get(identifier);
+ if (ldapClientFactoryInstance == null) {
+ ldapClientFactoryInstance = new LDAPClientFactoryImpl();
+ ldapClientFactoryInstances.put(identifier, ldapClientFactoryInstance);
+ }
+ return ldapClientFactoryInstance;
+ }
+
+ public static synchronized LDAPClientFactory getInstance() {
+ return getInstance(DEFAULT_IDENTIFIER);
+ }
+
+ public abstract List createClients(String issuerName) throws LDAPException;
+
+}
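Review bot: Only `registerMapping` is synchronized; `setLDAPIssuerNameFilter` checks `hasBeenConfigured()` and then replaces `ldapMappingStore` without holding the lock, and `resetMappings` and `getMappings` touch the same store unsynchronized. Because instances are shared through the static `ldapClientFactoryInstances` table, a concurrent `registerMapping` can land in the store that is about to be discarded, silently losing a mapping. Declaring `setLDAPIssuerNameFilter`, `resetMappings` and the read accessors `synchronized` as well would make the check-then-replace atomic; whether `LDAPMappingStore` is itself thread-safe is not visible here. The `log` field is unused in this class.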
diff --git a/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPClientFactoryImpl.java b/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPClientFactoryImpl.java
new file mode 100644
index 0000000..ae3cbc1
--- /dev/null
+++ b/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPClientFactoryImpl.java
@@ -0,0 +1,118 @@ +/** + * Copyright 2006 by Know-Center, Graz, Austria + * PDF-AS has been contracted by the E-Government Innovation Center EGIZ, a + * joint initiative of the Federal Chancellery Austria and Graz University of + * Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. 
+ */ +package at.knowcenter.wag.egov.egiz.ldap.client; + +import iaik.asn1.ObjectID; +import iaik.asn1.structures.Name; +import iaik.utils.RFC2253NameParser; +import iaik.utils.RFC2253NameParserException; + +import java.util.ArrayList; +import java.util.Collections; +import java.util.Hashtable; +import java.util.Iterator; +import java.util.List; + +import org.apache.commons.lang.ArrayUtils; +import org.apache.log4j.Logger; + +/** + * @author Thomas Knall + */ +public final class LDAPClientFactoryImpl extends LDAPClientFactory { + + private final Logger log = Logger.getLogger(getClass()); + + private Hashtable ldapClients; + + protected LDAPClientFactoryImpl() { + this.ldapClients = new Hashtable(); + } + + public static String rfc2253Name2Domain(Name name) { + Object[] values = name.getRDNValues(ObjectID.domainComponent); + if (values == null) { + return null; + } + StringBuffer buffer = new StringBuffer(); + for (int i = 0; i < values.length; i++) { + buffer.append(values[i]); + if (i+1 < values.length) { + buffer.append("."); + } + } + return buffer.toString(); + } + + public static String rfc2253Name2Domain(String nameString) throws RFC2253NameParserException { + RFC2253NameParser nameParser = new RFC2253NameParser(nameString); + return rfc2253Name2Domain(nameParser.parse()); + } + + private List instantiateLDAPClients(String issuerName) throws LDAPException { + if (!super.hasBeenConfigured()) { + log.warn(super.getClass().getName() + " has not been configured yet."); + } + List ldapClients = new ArrayList(); + List mappings = super.getMappings(issuerName); + if (mappings == null || mappings.isEmpty()) { + try { + String alternativeURLString = rfc2253Name2Domain(issuerName); + if (alternativeURLString == null || alternativeURLString.length() == 0) { + throw new LDAPException("Neither issuer name \"" + issuerName + "\" has been registered nor domain components were provided."); + } + alternativeURLString = "ldap://" + alternativeURLString; + log.warn("Issuer name 
\"" + issuerName + "\" has not been registered; trying to instantiate client for url \"" + alternativeURLString + "\"..."); + LDAPClient client = new LDAPClientImpl(alternativeURLString); + ldapClients.add(client); + } catch (RFC2253NameParserException e) { + throw new LDAPException(e); + } + } else { + log.debug("Instantiating LDAP clients for " + ArrayUtils.toString(mappings.toArray()) + "."); + Iterator mappingIt = mappings.iterator(); + while (mappingIt.hasNext()) { + LDAPMapping mapping = (LDAPMapping) mappingIt.next(); + ldapClients.add(new LDAPClientImpl(mapping)); + } + } + return ldapClients; + } + + public synchronized List createClients(String issuerName) throws LDAPException { + if (issuerName == null) { + throw new NullPointerException("Issuer name must not be null."); + } + if (issuerName.length() == 0) { + throw new IllegalArgumentException("Issuer name must not be empty."); + } + List ldapClientList = (List) ldapClients.get(issuerName); + if (ldapClientList == null) { + ldapClientList = instantiateLDAPClients(issuerName); + ldapClients.put(issuerName, ldapClientList); + } + return Collections.unmodifiableList(ldapClientList); + } + +} diff --git a/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPClientImpl.java b/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPClientImpl.java new file mode 100644 index 0000000..808a345 --- /dev/null +++ b/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPClientImpl.java 
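Review bot: When no mapping is registered, `instantiateLDAPClients` prepends `"ldap://"` to the domain components of the issuer name and creates a client for that URL, so the host the library connects to is taken from the issuer string itself. If that issuer comes from a certificate or signature under verification (the caller is outside this hunk), an unregistered issuer determines the target of an outbound plain `ldap://` connection, and each distinct issuer string adds a permanent entry to the `ldapClients` cache. I would make this fallback opt-in through configuration and otherwise fail with `throw new LDAPException("Issuer name \"" + issuerName + "\" has not been registered.");`. Separately, `super.getClass().getName()` in the warning returns the runtime class name, the same as `getClass().getName()`, so the `super.` qualifier is misleading.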
@@ -0,0 +1,214 @@ +/** + * Copyright 2006 by Know-Center, Graz, Austria + * PDF-AS has been contracted by the E-Government Innovation Center EGIZ, a + * joint initiative of the Federal Chancellery Austria and Graz University of + * Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. 
+ */ +package at.knowcenter.wag.egov.egiz.ldap.client; + +import iaik.x509.X509Certificate; +import iaik.x509.net.ldap.LdapURLConnection; + +import java.io.IOException; +import java.math.BigInteger; +import java.net.MalformedURLException; +import java.net.URL; + +import org.apache.log4j.Logger; + +public final class LDAPClientImpl implements LDAPClient { + + // constants + protected static final String DEFAULT_LDAP_ATTR_SERIAL_NUMBER = "eidCertificateSerialNumber"; + private static final iaik.x509.net.ldap.Handler LDAP_HANDLER = new iaik.x509.net.ldap.Handler(); + + private static final long TIME_ON_BLACKLIST_IN_SECONDS = 300; // block failed urls for 5 min + private static final int READ_TIMEOUT = 15; + private static final int CONNECTION_TIMEOUT = 15; + + private Logger log = Logger.getLogger(getClass()); + + // fields + private URL url; + private String serialNumberAttrName; + private long timeStampForBlackList; + + // constructors + protected LDAPClientImpl() { + this.setSerialNumberAttrName(DEFAULT_LDAP_ATTR_SERIAL_NUMBER); + this.timeStampForBlackList = 0; + } + + protected LDAPClientImpl(URL url) { + this(); + this.setUrl(url); + } + + protected LDAPClientImpl(String urlString) throws LDAPException { + this(); + try { + this.setUrl(new URL(null, urlString, LDAP_HANDLER)); + } catch (MalformedURLException e) { + throw new LDAPException(e); + } + } + + protected LDAPClientImpl(LDAPMapping ldapMapping) { + this(); + this.setUrl(ldapMapping.getLdapURL()); + this.setSerialNumberAttrName(ldapMapping.getSerialNumberAttrName()); + } + + + // getter/setter + + /* + * @see at.iaik.commons.ldap.LDAPClient#getUrl() + */ + public URL getUrl() { + return this.url; + } + + /* + * @see at.iaik.commons.ldap.LDAPClient#setUrl(java.net.URL) + */ + public void setUrl(URL ldapURL) { + if (ldapURL == null) { + throw new NullPointerException("LDAP url must not be null."); + } + this.url = ldapURL; + } + + /* + * @see at.iaik.commons.ldap.LDAPClient#getSerialNumberAttrName() + */ + 
public String getSerialNumberAttrName() { + return this.serialNumberAttrName; + } + + /* + * @see at.iaik.commons.ldap.LDAPClient#setSerialNumberAttrName(java.lang.String) + */ + public void setSerialNumberAttrName(String serialNumberAttrName) { + if (serialNumberAttrName != null && serialNumberAttrName.length() == 0) { + throw new IllegalArgumentException("Serial number attribute name must not be empty"); + } + this.serialNumberAttrName = serialNumberAttrName != null ? serialNumberAttrName : DEFAULT_LDAP_ATTR_SERIAL_NUMBER; + } + + // service methods + + /* + * @see at.iaik.commons.ldap.LDAPClient#retrieveCertificates(java.lang.String) + */ + public X509Certificate[] retrieveCertificates(String filter) throws LDAPException { + if (filter == null) { + throw new NullPointerException("Filter string must not be null."); + } + if (filter.length() == 0) { + throw new IllegalArgumentException("Filter string must not be empty."); + } + + X509Certificate[] certs = new X509Certificate[] { }; + + long now = System.currentTimeMillis(); + if (this.timeStampForBlackList + TIME_ON_BLACKLIST_IN_SECONDS * 1000 >= now) { + long remaining = TIME_ON_BLACKLIST_IN_SECONDS - ((now - this.timeStampForBlackList) / 1000); + log.warn("LDAP connections to URL \"" + this.getUrl().toString() + "\" are blocked for " + remaining + " (" + TIME_ON_BLACKLIST_IN_SECONDS + ") seconds due to previous errors."); + return certs; + } + + LdapURLConnection ldapURLConnection = null; + try { + this.validateData(); + ldapURLConnection = (LdapURLConnection) this.url.openConnection(); + log.debug("Setting timeout for LDAPClient: connection timeout = " + CONNECTION_TIMEOUT + " seconds, read timeout = " + READ_TIMEOUT + " seconds."); + ldapURLConnection.setReadTimeout(READ_TIMEOUT * 1000); + ldapURLConnection.setConnectTimeout(CONNECTION_TIMEOUT * 1000); + + // search for end enity certificates + ldapURLConnection.setRequestProperty( + LdapURLConnection.RP_ATTRIBUTE_DESCRIPTION, + 
LdapURLConnection.AD_USER_CERTIFICATE + ); + + // search subtree + ldapURLConnection.setRequestProperty( + LdapURLConnection.RP_SEARCH_SCOPE, + LdapURLConnection.SEARCH_SCOPE_SUBTREE + ); + + //set filter + ldapURLConnection.setRequestProperty( + LdapURLConnection.RP_FILTER, + filter + ); + + // connect to the ldap server an read results + log.debug("Connecting to \"" + this.url.toString() + "\"."); + certs = (X509Certificate[]) ldapURLConnection.getContent(); + log.debug("Result of LDAP query received (" + (certs != null ? certs.length : 0) + " result(s))."); + } catch (IOException e) { + this.timeStampForBlackList = System.currentTimeMillis(); + log.warn("Unable to get certificate from \"" + this.getUrl().toString() + "\". LDAPClient is now blocking that URL for " + TIME_ON_BLACKLIST_IN_SECONDS + " seconds."); + throw new LDAPException(e); + } finally { + if (ldapURLConnection != null) { + ldapURLConnection.disconnect(); + } + } + return certs; + } + + /* + * @see at.iaik.commons.ldap.LDAPClient#retrieveCertificate(java.math.BigInteger) + */ + public X509Certificate retrieveCertificate(BigInteger serialNumber) throws LDAPException { + if (serialNumber == null) { + throw new NullPointerException("Serial number must not be null"); + } + this.validateData(); + X509Certificate[] certs = retrieveCertificates("(" + this.serialNumberAttrName + "=" + serialNumber + ")"); + if (certs.length > 1) { + throw new LDAPException("There was more than one certificate with serial number " + serialNumber + "."); + } else if (certs.length == 0) { + return null; + } + return certs[0]; + } + + // misc + public void validateData() throws LDAPException { + if (this.url == null) { + throw new LDAPException("LDAP URL must not be null."); + } + if (this.serialNumberAttrName == null || this.serialNumberAttrName.length() == 0) { + throw new LDAPException("LDAP key for serial number is null or empty."); + } + } + + public String toString() { + StringBuffer buffer = new StringBuffer(); + 
buffer.append("ldapURL = ").append(this.url); + buffer.append(", serialNumberAttrName = ").append(this.serialNumberAttrName); + return buffer.toString(); + } + +} diff --git a/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPException.java b/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPException.java new file mode 100644 index 0000000..3b36e6d --- /dev/null +++ b/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPException.java 
@@ -0,0 +1,50 @@
+/**
+ * Copyright 2006 by Know-Center, Graz, Austria
+ * PDF-AS has been contracted by the E-Government Innovation Center EGIZ, a
+ * joint initiative of the Federal Chancellery Austria and Graz University of
+ * Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.knowcenter.wag.egov.egiz.ldap.client;
+
+
+/**
+ * @author Thomas Knall
+ */
+public class LDAPException extends Exception {
+
+ private static final long serialVersionUID = 1L;
+
+ public LDAPException() {
+ super();
+ }
+
+ public LDAPException(Exception exception) {
+ super(exception);
+ }
+
+ public LDAPException(String message, Exception exception) {
+ super(message, exception);
+ }
+
+ public LDAPException(String message) {
+ super(message);
+ }
+
+}
diff --git a/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPIssuerNameFilter.java b/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPIssuerNameFilter.java
new file mode 100644
index 0000000..e483d2c
--- /dev/null
+++ b/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPIssuerNameFilter.java
@@ -0,0 +1,43 @@
+/**
+ * Copyright 2006 by Know-Center, Graz, Austria
+ * PDF-AS has been contracted by the E-Government Innovation Center EGIZ, a
+ * joint initiative of the Federal Chancellery Austria and Graz University of
+ * Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.knowcenter.wag.egov.egiz.ldap.client;
+
+import iaik.asn1.structures.Name;
+
+/**
+ * @author Thomas Knall
+ */
+public interface LDAPIssuerNameFilter {
+
+ /**
+ * Applies some kind of filtering on the distinguished name. This can be used
+ * for normalization.
+ *
+ * @param name
+ * The original distinguished name.
+ * @return The new filtered distinguished name.
+ */
+ Name applyFilter(Name name);
+
+}
diff --git a/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPMapping.java b/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPMapping.java
new file mode 100644
index 0000000..502d88b
--- /dev/null
+++ b/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPMapping.java 
@@ -0,0 +1,181 @@ +/** + * Copyright 2006 by Know-Center, Graz, Austria + * PDF-AS has been contracted by the E-Government Innovation Center EGIZ, a + * joint initiative of the Federal Chancellery Austria and Graz University of + * Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. 
+ */ +package at.knowcenter.wag.egov.egiz.ldap.client; + +import iaik.asn1.structures.Name; +import iaik.utils.RFC2253NameParser; +import iaik.utils.RFC2253NameParserException; + +import java.net.MalformedURLException; +import java.net.URL; +import java.util.Properties; + +import org.apache.log4j.Logger; + +/** + * @author Thomas Knall + */ +public class LDAPMapping { + + // constants + public static final String PROPERTIES_KEY_ISSUER_NAME = "issuer.name"; + public static final String PROPERTIES_KEY_LDAP_URL = "ldap.url"; + public static final String PROPERTIES_KEY_SERIAL_ATTR_NAME = "serialnumber.attrname"; + + private final Logger log = Logger.getLogger(getClass()); + private static final iaik.x509.net.ldap.Handler LDAP_HANDLER; + + // fields + private Name issuerName; + private URL ldapURL; + private String serialNumberAttrName; + + // static initialization + static { + LDAP_HANDLER = new iaik.x509.net.ldap.Handler(); + } + + // constructors + protected LDAPMapping() { + this.setSerialNumberAttrName(LDAPClientImpl.DEFAULT_LDAP_ATTR_SERIAL_NUMBER); + } + + public LDAPMapping(Name issuerName, URL ldapURL) { + this(issuerName, ldapURL, null); + } + + public LDAPMapping(Name issuerName, URL ldapURL, String serialNumberAttrName) { + this(); + this.setIssuerName(issuerName); + this.setLdapURL(ldapURL); + this.setSerialNumberAttrName(serialNumberAttrName); + } + + public LDAPMapping(String issuerNameString, String ldapURLString) throws LDAPException { + this(issuerNameString, ldapURLString, null); + } + + public LDAPMapping(String issuerNameString, String ldapURLString, String serialNumberAttrName) throws LDAPException { + this(); + this.setIssuerName(issuerNameString); + this.setLdapURL(ldapURLString); + this.setSerialNumberAttrName(serialNumberAttrName); + } + + public LDAPMapping(Properties properties) throws LDAPException { + this(); + if (properties == null) { + throw new NullPointerException("Properties must not be null."); + } + String in = 
properties.getProperty(PROPERTIES_KEY_ISSUER_NAME); + String sn = properties.getProperty(PROPERTIES_KEY_LDAP_URL); + String snan = properties.getProperty(PROPERTIES_KEY_SERIAL_ATTR_NAME); + if (in == null || in.length() == 0) { + throw new LDAPException("Property \"" + PROPERTIES_KEY_ISSUER_NAME + "\" must not be null or empty."); + } + if (sn == null || sn.length() == 0) { + throw new LDAPException("Property \"" + PROPERTIES_KEY_LDAP_URL + "\" must not be null or empty."); + } + this.setIssuerName(in); + this.setLdapURL(sn); + this.setSerialNumberAttrName(snan); + } + + // getter/setter + public Name getIssuerName() { + return this.issuerName; + } + + public String getIssuerNameAsString() { + return this.issuerName.getName(); + } + + public void setIssuerName(Name issuerName) { + if (issuerName == null) { + throw new NullPointerException("Issuer name must not be null."); + } + this.issuerName = issuerName; + } + + public void setIssuerName(String issuerNameString) throws LDAPException { + RFC2253NameParser parser = new RFC2253NameParser(issuerNameString.trim()); + try { + this.setIssuerName(parser.parse()); + } catch (RFC2253NameParserException e) { + throw new LDAPException(e); + } + } + + public URL getLdapURL() { + return this.ldapURL; + } + + public void setLdapURL(URL ldapURL) { + if (ldapURL == null) { + throw new NullPointerException("LDAP url must not be null."); + } + this.ldapURL = ldapURL; + } + + public void setLdapURL(String ldapURLString) throws LDAPException { + try { + this.setLdapURL(new URL(null, ldapURLString.trim(), LDAP_HANDLER)); + } catch (MalformedURLException e) { + throw new LDAPException(e); + } + } + + public String getSerialNumberAttrName() { + return this.serialNumberAttrName; + } + + public void setSerialNumberAttrName(String serialNumberAttrName) { + if (serialNumberAttrName != null && serialNumberAttrName.length() == 0) { + throw new IllegalArgumentException("Serial number attribute name must not be empty"); + } + 
this.serialNumberAttrName = serialNumberAttrName != null ? serialNumberAttrName.trim() : LDAPClientImpl.DEFAULT_LDAP_ATTR_SERIAL_NUMBER; + } + + // misc + public void validateData() throws LDAPException { + if (this.issuerName == null) { + throw new LDAPException("Issuer name must not be null."); + } + if (this.ldapURL == null) { + throw new LDAPException("LDAP url must not be null."); + } + if (serialNumberAttrName == null || serialNumberAttrName.length() == 0) { + throw new LDAPException("Serial number attribute name must not be null or empty"); + } + } + + public String toString() { + StringBuffer buffer = new StringBuffer(); + buffer.append("issuerName = ").append(this.issuerName != null ? this.issuerName.getName() : null); + buffer.append(", ldapURL = ").append(this.ldapURL); + buffer.append(", serialNumberAttrName = ").append(this.serialNumberAttrName); + return buffer.toString(); + } + +} diff --git a/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPMappingStore.java b/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPMappingStore.java new file mode 100644 index 0000000..f36dc8c --- /dev/null +++ b/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPMappingStore.java 
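Review bot: `setSerialNumberAttrName` tests for the empty string before it trims, so a whitespace-only `serialnumber.attrname` passes the guard and is stored as `""`, to be rejected only later by `validateData()`. The setter also puts no restriction on the characters of the name, while `LDAPClientImpl.retrieveCertificate` in this same commit concatenates it into the search filter as `"(" + this.serialNumberAttrName + "=" + serialNumber + ")"`, so a configured value containing parentheses or `*` would change the shape of the filter sent to the directory. Trimming first and validating the result would close both gaps: `String n = serialNumberAttrName.trim();` followed by `if (!n.matches("[A-Za-z][A-Za-z0-9-]*")) throw new IllegalArgumentException("Invalid serial number attribute name");` (widen the pattern if numeric OIDs or attribute options are expected). Separately, `setIssuerName(String)` and `setLdapURL(String)` call `trim()` on their argument without a null check, so the public string constructors fail with a message-less NullPointerException on null input, unlike the `Properties` constructor, which checks first.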
@@ -0,0 +1,102 @@ +/** + * Copyright 2006 by Know-Center, Graz, Austria + * PDF-AS has been contracted by the E-Government Innovation Center EGIZ, a + * joint initiative of the Federal Chancellery Austria and Graz University of + * Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. 
+ */ +package at.knowcenter.wag.egov.egiz.ldap.client; + +import iaik.asn1.structures.Name; +import iaik.utils.RFC2253NameParser; +import iaik.utils.RFC2253NameParserException; + +import java.util.ArrayList; +import java.util.Hashtable; +import java.util.List; + +import org.apache.log4j.Logger; + +/** + * @author Thomas Knall + */ +public class LDAPMappingStore { + +// private Hashtable storedMappings; + private Hashtable storedMappings; + private LDAPIssuerNameFilter issuerNameFilter; + private Logger log = Logger.getLogger(getClass()); + + public LDAPMappingStore(LDAPIssuerNameFilter issuerNameFilter) { + this.storedMappings = new Hashtable(); + this.issuerNameFilter = issuerNameFilter; + } + + public LDAPMappingStore() { + this(null); + } + + public void clearStore() { + this.storedMappings = new Hashtable(); + } + + public boolean isEmpty() { + return this.storedMappings.isEmpty(); + } + + public boolean isLDAPIssuerNameFilter() { + return this.issuerNameFilter != null; + } + + public void addMapping(LDAPMapping mapping) { + Name name = mapping.getIssuerName(); + if (issuerNameFilter != null) { + name = this.issuerNameFilter.applyFilter(name); + } + List mappingList = (List) this.storedMappings.get(name); + if (mappingList == null) { + mappingList = new ArrayList(); + this.storedMappings.put(name, mappingList); + } + log.debug("Adding mapping \"" + mapping + "\" for \"" + name.getName() + "\"."); + mappingList.add(mapping); + } + + public List getMappings(Name name) { + if (issuerNameFilter != null) { + name = this.issuerNameFilter.applyFilter(name); + } + return (List) this.storedMappings.get(name); + } + + public List getMappings(String nameString) throws LDAPException { + RFC2253NameParser parser = new RFC2253NameParser(nameString); + Name name; + try { + name = parser.parse(); + } catch (RFC2253NameParserException e) { + throw new LDAPException(e); + } + if (issuerNameFilter != null) { + name = this.issuerNameFilter.applyFilter(name); + } + return 
this.getMappings(name); + } + +} -- cgit v1.2.3
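Review bot: `getMappings(String)` applies `issuerNameFilter` to the parsed name and then delegates to `getMappings(Name)`, which applies the filter a second time. Unless every `LDAPIssuerNameFilter` implementation is idempotent (the interface Javadoc does not require it), the lookup key can differ from the one `addMapping` stored, and the mapping is silently not found. Removing the `if (issuerNameFilter != null) { name = this.issuerNameFilter.applyFilter(name); }` block from the String overload and keeping `return this.getMappings(name);` leaves a single filtering step. Both overloads also return the internal `List` held in `storedMappings`, or `null` when nothing matches, so a caller can alter the issuer-to-LDAP-URL mappings used for certificate lookup. Returning `Collections.unmodifiableList(...)` and documenting the null return would be safer, and the commented-out `// private Hashtable storedMappings;` line can go.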