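/**
 * Serves a certificate download.
 *
 * <p>If the {@code type} parameter equals {@code "ca"}, the CA certificate is read from
 * the certificate store and written with content type
 * {@code application/x-x509-ca-cert}. Otherwise, if {@code csrId} is present, the serial
 * number recorded for that request is looked up, the matching certificate is fetched, and
 * a {@code multipart/mixed} response is written: the encoded certificate followed by a
 * small HTML page that links to {@code verifyCertificate.jsp} when an HTTPS
 * client-authentication port is configured.
 *
 * <p>Security notes: {@code csrId} and the server name both originate from the request.
 * {@code csrId} is URL-encoded before it is placed in the query string, and every value
 * written into the HTML part is HTML-escaped and placed in a quoted attribute, so request
 * data cannot break out of the {@code href} attribute.
 *
 * @param request the download request; reads the {@code type} and {@code csrId} parameters
 * @param response receives the certificate bytes (and, for user certificates, the HTML part)
 * @throws ServletException wrapping any exception raised while building the response,
 *         including an unknown or unfulfilled {@code csrId} and a request that names
 *         neither download kind
 * @throws IOException declared by the servlet contract; failures inside the body are
 *         wrapped in {@link ServletException} by the catch block
 */
protected void doPost(HttpServletRequest request,
        HttpServletResponse response) throws ServletException, IOException {
    // Explicit charset so the bytes written do not depend on the platform default.
    final String charset = "UTF-8";
    String type = request.getParameter("type");
    String csrId = request.getParameter("csrId");
    try {
        if ("ca".equals(type)) {
            // Request is to download the CA's certificate from the CertificateStore.
            CertificateStore certStore = CAHelperUtils.getCertificateStore();
            Certificate cert = certStore.getCACertificate();
            byte[] data = cert.getEncoded();
            // Send the certificate with the MIME type for CA certificates.
            response.setContentType("application/x-x509-ca-cert");
            response.setContentLength(data.length);
            response.getOutputStream().write(data);
        } else if (csrId != null) {
            // Request is to download a user certificate.
            // Get the serial number of the certificate based on the csrId.
            CertificateRequestStore certReqStore = CAHelperUtils.getCertificateRequestStore();
            BigInteger sNo = certReqStore.getSerialNumberForRequest(csrId);
            if (sNo == null) {
                // Either the CSR is yet to be fulfilled or the csrId is invalid.
                // NOTE(review): csrId is request-controlled and is carried in this message;
                // whatever renders or logs the ServletException must encode it.
                throw new Exception("Either the CSR is yet to be fulfilled or the csrId is invalid. csrId = "+csrId);
            }
            CertificateStore certStore = CAHelperUtils.getCertificateStore();
            Certificate cert = certStore.getCertificate(sNo);
            byte[] data = cert.getEncoded();

            // NOTE(review): getServerName() reflects what the client asked for unless the
            // container pins it; consider taking the host from configuration instead.
            String host = request.getServerName();
            int port = CAHelperUtils.getHttpsClientAuthPort();
            String contextPath = request.getContextPath();

            // Multi-part MIME message: the user's certificate plus an information page.
            // NOTE(review): the tag literals below are reproduced exactly as they appear in
            // the listing (with spaces inside the angle brackets); confirm against the
            // original source file.
            response.setContentType("multipart/mixed; boundary=\"BOUNDARY\"");
            OutputStream out = response.getOutputStream();
            out.write("This is a multi-part message in MIME format.\n".getBytes(charset));
            // Part 1: the certificate with the MIME type for user certificates.
            out.write("--BOUNDARY\n".getBytes(charset));
            out.write(("Content-type: application/x-x509-user-cert\n\n").getBytes(charset));
            out.write(data);
            // Part 2: a page showing the "verify certificate" link if an HTTPS
            // client-authentication connector is configured.
            out.write("--BOUNDARY\n".getBytes(charset));
            out.write("Content-type: text/html\n\n".getBytes(charset));
            out.write("< html >< body >".getBytes(charset));
            out.write("< p >Certificate is downloaded successfully. ".getBytes(charset));
            if (port != -1) {
                // URL-encode the request parameter for the query string, then HTML-escape
                // the whole URL and quote the attribute before writing it into the page.
                String link = "https://" + host + ":" + port + contextPath
                        + "/verifyCertificate.jsp?csrId="
                        + java.net.URLEncoder.encode(csrId, charset);
                out.write(("Access < a href=\"" + escapeHtmlForDownloadPage(link)
                        + "\" >this link< /a > to verify.< /p >\n").getBytes(charset));
            } else {
                out.write("No HTTPS client-authentication port is configured to verify.< /p >\n".getBytes(charset));
            }
            out.write(("< a href=\"" + escapeHtmlForDownloadPage(contextPath)
                    + "\" > Back to CA Helper home< /a >").getBytes(charset));
            out.write("< /body >< /html >".getBytes(charset));
            out.write("--BOUNDARY--\n".getBytes(charset));
            out.flush();
        } else {
            // Request is for downloading neither the CA's certificate nor a user's certificate.
            throw new Exception("Invalid certificate download request.");
        }
    } catch (Exception e) {
        throw new ServletException("Exception while uploading certificate.", e);
    }
}

/** Escapes the characters that are significant in HTML text and quoted attribute values. */
private static String escapeHtmlForDownloadPage(String value) {
    if (value == null) {
        return "";
    }
    // '&' must be replaced first so the entities produced below are not escaped again.
    return value.replace("&", "&amp;")
            .replace("<", "&lt;")
            .replace(">", "&gt;")
            .replace("\"", "&quot;")
            .replace("'", "&#39;");
}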
|