/**
* Copyright 2006 by Know-Center, Graz, Austria
* PDF-AS has been contracted by the E-Government Innovation Center EGIZ, a
* joint initiative of the Federal Chancellery Austria and Graz University of
* Technology.
*
* Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
* the European Commission - subsequent versions of the EUPL (the "Licence");
* You may not use this work except in compliance with the Licence.
* You may obtain a copy of the Licence at:
* http://www.osor.eu/eupl/
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the Licence is distributed on an "AS IS" basis,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the Licence for the specific language governing permissions and
* limitations under the Licence.
*
* This product combines work with different licenses. See the "NOTICE" text
* file for details on the various modules and licenses.
* The "NOTICE" text file is part of the distribution. Any derivative works
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
package at.knowcenter.wag.egov.egiz.ldap.api;
import iaik.utils.Util;
import iaik.x509.X509Certificate;
import java.math.BigInteger;
import java.util.Iterator;
import java.util.List;
import org.apache.log4j.Logger;
import at.knowcenter.wag.egov.egiz.cfg.SettingsReader;
import at.knowcenter.wag.egov.egiz.exceptions.SettingNotFoundException;
import at.knowcenter.wag.egov.egiz.exceptions.SettingsException;
import at.knowcenter.wag.egov.egiz.ldap.client.LDAPClient;
import at.knowcenter.wag.egov.egiz.ldap.client.LDAPClientFactory;
import at.knowcenter.wag.egov.egiz.ldap.client.LDAPException;
import at.knowcenter.wag.egov.egiz.ldap.client.LDAPIssuerNameFilter;
import at.knowcenter.wag.egov.egiz.ldap.client.LDAPMapping;
import at.knowcenter.wag.egov.egiz.sig.LDAPAPI;
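/**
 * {@link LDAPAPI} implementation that looks up X.509 certificates through the LDAP
 * clients configured under the {@code ldap_mapping} prefix of the settings file.
 *
 * <p>The {@link LDAPClientFactory} is created lazily on the first lookup. An optional
 * {@link LDAPIssuerNameFilter} must therefore be set before that first lookup, see
 * {@link #setIssuerNameFilter(LDAPIssuerNameFilter)}. The lazy initialisation is not
 * synchronised.
 *
 * <p>Security notes for callers:
 * <ul>
 * <li>This class only retrieves and encodes a certificate. It performs no chain,
 * validity or revocation check; the result must be validated before it is trusted.</li>
 * <li>The LDAP URL of each mapping is taken verbatim from the configuration.
 * NOTE(review): whether transport protection (e.g. {@code ldaps}) is enforced is not
 * visible in this class - confirm in the LDAP client.</li>
 * </ul>
 *
 * @author Thomas Knall
 */
public class LDAPAPIImpl implements LDAPAPI {

    private final Logger log = Logger.getLogger(this.getClass());

    /**
     * Prefix for specific entry in config properties file.
     */
    private static final String PROP_LDAP_PREFIX = "ldap_mapping";

    /** Key suffix of the issuer name of a mapping. */
    private static final String PROP_ISSUER_NAME_POSTFIX = "issuer_name";

    /** Key suffix of the LDAP URL of a mapping. */
    private static final String PROP_LDAP_URL_POSTFIX = "url";

    /** Key suffix of the optional serial number attribute of a mapping. */
    private static final String PROP_SERIAL_ATTR_POSTFIX = "serial_attr";

    /** Identifier under which the client factory is requested. */
    private static final String LDAP_FACTORY_IDENTIFIER = "PDF-AS LDAP Support";

    /** Created on first use; {@code null} until then or when its creation failed. */
    private LDAPClientFactory ldapClientFactory;

    /** Optional filter handed to the factory when it is created. */
    private LDAPIssuerNameFilter ldapIssuerNameFilter;

    /**
     * Creates an instance without factory and without issuer name filter.
     */
    protected LDAPAPIImpl() {
        this.ldapClientFactory = null;
        this.ldapIssuerNameFilter = null;
    }

    /**
     * Creates the client factory and registers every configured mapping, unless a factory
     * already exists.
     *
     * <p>Errors are logged, not propagated. If the settings or the factory cannot be
     * obtained, {@code ldapClientFactory} stays {@code null}. If reading or registering a
     * mapping fails, the remaining mappings are skipped and the factory keeps the mappings
     * registered so far; it is not initialised again on later calls.
     */
    private void initializeFactoryImpl() {
        if (this.ldapClientFactory != null) {
            return;
        }
        try {
            SettingsReader settings = SettingsReader.getInstance();
            this.ldapClientFactory = LDAPClientFactory.getInstance(LDAP_FACTORY_IDENTIFIER);
            this.ldapClientFactory.setLDAPIssuerNameFilter(this.ldapIssuerNameFilter);

            List mappingKeys = settings.getKeys(PROP_LDAP_PREFIX);
            if (mappingKeys == null) {
                StringBuffer expected = new StringBuffer();
                expected.append(PROP_LDAP_PREFIX).append(".foo.").append(PROP_ISSUER_NAME_POSTFIX)
                        .append(", ");
                expected.append(PROP_LDAP_PREFIX).append(".foo.").append(PROP_LDAP_URL_POSTFIX)
                        .append(", ");
                expected.append(PROP_LDAP_PREFIX).append(".foo.").append(PROP_SERIAL_ATTR_POSTFIX);
                this.log.warn("There are no LDAP mappings (" + expected.toString()
                        + ") declared within config file.");
                return;
            }

            for (Iterator it = mappingKeys.iterator(); it.hasNext();) {
                String keyPrefix = PROP_LDAP_PREFIX + "." + (String) it.next() + ".";
                String issuerName = settings.getSetting(keyPrefix + PROP_ISSUER_NAME_POSTFIX);
                String ldapURL = settings.getSetting(keyPrefix + PROP_LDAP_URL_POSTFIX);
                // The serial attribute is optional: null is passed on when it is not configured.
                String serialAttr = settings.getSetting(keyPrefix + PROP_SERIAL_ATTR_POSTFIX, null);
                this.ldapClientFactory.registerMapping(new LDAPMapping(issuerName, ldapURL, serialAttr));
            }
        } catch (SettingsException e) {
            this.log.error(e.getMessage(), e);
        } catch (SettingNotFoundException e) {
            this.log.error(e.getMessage(), e);
        } catch (LDAPException e) {
            this.log.error(e.getMessage(), e);
        }
    }

    /**
     * Retrieves the certificate with the given serial number from the LDAP clients created
     * for the given issuer and returns it Base64 encoded.
     *
     * <p>The clients are asked in the order the factory returns them; the first certificate
     * found wins. A client that fails with an {@link LDAPException} is logged and skipped.
     *
     * <p>NOTE(review): both arguments presumably originate from the signature being
     * processed, i.e. from untrusted input - confirm against the callers. The serial number
     * reaches the LDAP client only as a parsed {@link BigInteger}; the issuer is passed to
     * the factory unchanged.
     *
     * @param serialNumber decimal serial number of the wanted certificate
     * @param issuer issuer name used to select the LDAP clients
     * @return the Base64 encoded certificate, or {@code null} if the factory is not
     *         available, the serial number is missing or not a decimal integer, no client
     *         could be created, or no client returned a certificate
     */
    public byte[] loadBase64CertificateFromLDAP(String serialNumber, String issuer) {
        this.initializeFactoryImpl();

        // Initialisation only logs its errors, so the factory may still be missing here.
        if (this.ldapClientFactory == null) {
            this.log.error("LDAP client factory is not available; certificate lookup skipped.");
            return null;
        }

        // Parse once, before any directory is contacted, and fail the same way as "not found".
        if (serialNumber == null) {
            this.log.warn("No certificate serial number given; certificate lookup skipped.");
            return null;
        }
        BigInteger serial;
        try {
            serial = new BigInteger(serialNumber);
        } catch (NumberFormatException e) {
            // The exception text echoes the raw input, so it is deliberately kept out of the log.
            this.log.warn("Certificate serial number is not a decimal integer; certificate lookup skipped.");
            return null;
        }

        byte[] base64CertData = null;
        try {
            List clients = this.ldapClientFactory.createClients(issuer);
            X509Certificate x509certificate = null;
            Iterator clientIt = clients.iterator();
            while (clientIt.hasNext() && x509certificate == null) {
                LDAPClient client = (LDAPClient) clientIt.next();
                try {
                    x509certificate = client.retrieveCertificate(serial);
                } catch (LDAPException e) {
                    // Best effort: a failing directory must not prevent asking the next one.
                    this.log.error(e.getMessage(), e);
                }
            }
            if (x509certificate != null) {
                base64CertData = Util.Base64Encode(x509certificate.toByteArray());
            }
        } catch (LDAPException e) {
            this.log.error(e.getMessage(), e);
        }
        return base64CertData;
    }

    /**
     * Sets the issuer name filter that is handed to the client factory when it is created.
     *
     * @param filter the filter to use
     * @throws LDAPAPIException if the client factory has already been created, because the
     *         filter would no longer be applied to it
     */
    public void setIssuerNameFilter(LDAPIssuerNameFilter filter) throws LDAPAPIException {
        if (this.ldapClientFactory != null) {
            throw new LDAPAPIException("LDAPIssuerNameFilter must be applied before mappings are registered.");
        }
        this.ldapIssuerNameFilter = filter;
    }
}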