public class

DefaultCertificateProvider

extends Object
implements CertificateProvider
java.lang.Object
   ↳ com.microstrategy.web.certificate.DefaultCertificateProvider

Class Overview

Provides a default implementation for a certificate provider. You may override any public or protected method on the class.

Summary

Constants
String CLASSNAME
String DEFAULT_CRL_FILE_NAME
Public Constructors
DefaultCertificateProvider()
Public Methods
CertificateContainer getCertificate(Map<String, String> parameters, String password, String deviceUUID)
This method will first call validateCredentials to confirm that the user has access to be allowed to create a certificate, then creates a new certificate and adds it to the certificate catalog.
CertificateCollection getCertificates()
This method will simply read the file from disk, parse the results into the CertificateCollection object model, and return the results.
Map<String, String> getInitializationParameters()
Returns initialization parameters.
String getLoginParameters(Locale locale)
This method will return a login XML with the parameters of login and password, as login and pwd.
void init(Map<String, String> _initializationParameters)
The default implementation will read the initialization XML, and attempt to create the signing certificate objects from the files on the file system.
void revokeCertificate(String serialNumber)
Revokes the certificate with the given serial number.
String signCertificate(Map<String, String> parameters, String deviceUUID, String csr)
Signs a CSR.
Protected Methods
X509Certificate getCRLIssuerCertificate()
PrivateKey getCRLIssuerPrivateKey()
String getSSLConnectorPattern()
String validateCredentials(Map<String, String> parameters)
This method will validate the credentials passed to determine whether the user is authorized to create a certificate.
[Expand]
Inherited Methods
From class java.lang.Object
From interface com.microstrategy.web.certificate.CertificateProvider

Constants

public static final String CLASSNAME

Constant Value: "com.microstrategy.web.certificate.DefaultCertificateProvider"

public static final String DEFAULT_CRL_FILE_NAME

Constant Value: "cert-srv.crl"

Public Constructors

public DefaultCertificateProvider ()

Public Methods

public CertificateContainer getCertificate (Map<String, String> parameters, String password, String deviceUUID)

This method will first call validateCredentials to confirm that the user has access to be allowed to create a certificate, then creates a new certificate and adds it to the certificate catalog.

Parameters
parameters The parameters the user entered for authentication.
password The password that should be used to encode the PKCS 12 file.
deviceUUID The device UUID of the user. Used for bookkeeping.
Returns
  • A PKCS 12 formatted file containing a newly signed certificate.
See Also
  • com.microstrategy.web.certificate.DefaultCertificateProvider#validateCredentials(java.util.HashMap)

public CertificateCollection getCertificates ()

This method will simply read the file from disk, parse the results into the CertificateCollection object model, and return the results.

Returns
  • A CertificateCollection containing the certificates on the system.

public Map<String, String> getInitializationParameters ()

Returns initialization parameters.

public String getLoginParameters (Locale locale)

This method will return a login XML with the parameters of login and password, as login and pwd.

Returns
  • The XML with the login parameters.

public void init (Map<String, String> _initializationParameters)

The default implementation will read the initialization XML, and attempt to create the signing certificate objects from the files on the file system. This should be called by any class that extends this class if the class is overridden - none of the methods in the class will work if this is not called.

public void revokeCertificate (String serialNumber)

Revokes the certificate with the given serial number. Serial number is represented as a numeric string.

Parameters
serialNumber The serial number of the certificate to revoke.

public String signCertificate (Map<String, String> parameters, String deviceUUID, String csr)

Signs a CSR.

Parameters
parameters The parameters the user entered for authentication
deviceUUID Unique device identifier
csr Certificate Signing Request
Returns
  • resulting certificates in PEM format - this includes the signed certificate along with the signing certificate chain.

Protected Methods

protected X509Certificate getCRLIssuerCertificate ()

protected PrivateKey getCRLIssuerPrivateKey ()

protected String getSSLConnectorPattern ()

protected String validateCredentials (Map<String, String> parameters)

This method will validate the credentials passed to determine whether the user is authorized to create a certificate. If so, this returns the login identifier, otherwise, it throws an exception. This can be overridden to use the same certificate generation mechanism with a different authentication mechanism.

Parameters
parameters The parameters map of user-entered parameters
Returns
  • The login identifier to be associated with the certificate in the lookup table.
Throws
MSTRCheckedException Thrown if there is an error connecting or if the user is not authorized.