001 /** 002 * 003 * Licensed to the Apache Software Foundation (ASF) under one or more 004 * contributor license agreements. See the NOTICE file distributed with 005 * this work for additional information regarding copyright ownership. 006 * The ASF licenses this file to You under the Apache License, Version 2.0 007 * (the "License"); you may not use this file except in compliance with 008 * the License. You may obtain a copy of the License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, software 013 * distributed under the License is distributed on an "AS IS" BASIS, 014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 015 * See the License for the specific language governing permissions and 016 * limitations under the License. 017 */ 018 package org.apache.geronimo.ca.helper; 019 020 import java.io.ByteArrayOutputStream; 021 import java.io.IOException; 022 import java.io.PrintStream; 023 import java.util.Properties; 024 025 import javax.servlet.ServletException; 026 import javax.servlet.http.HttpServletRequest; 027 import javax.servlet.http.HttpServletResponse; 028 029 import org.apache.geronimo.ca.helper.util.CAHelperUtils; 030 import org.apache.geronimo.crypto.CaUtils; 031 032 /** 033 * Servlet implementation class for Servlet: CertificateRequestServlet 034 * 035 * @version $Rev: 706640 $ $Date: 2008-10-21 14:44:05 +0000 (Tue, 21 Oct 2008) $ 036 */ 037 public class CertificateRequestServlet extends javax.servlet.http.HttpServlet implements javax.servlet.Servlet { 038 /* (non-Java-doc) 039 * @see javax.servlet.http.HttpServlet#HttpServlet() 040 */ 041 public CertificateRequestServlet() { 042 super(); 043 } 044 045 /* (non-Java-doc) 046 * @see javax.servlet.http.HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response) 047 */ 048 protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { 049 doPost(request, response); 050 } 051 052 /* (non-Java-doc) 053 * @see javax.servlet.http.HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response) 054 */ 055 protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { 056 // Retrieve the values submitted by the user 057 String reqCN = request.getParameter("reqCN"); 058 String reqOU = request.getParameter("reqOU"); 059 String reqO = request.getParameter("reqO"); 060 String reqL = request.getParameter("reqL"); 061 String reqST = request.getParameter("reqST"); 062 String reqC = request.getParameter("reqC"); 063 String spkac = request.getParameter("spkac"); 064 String pkcs10req = request.getParameter("pkcs10req"); 065 066 String toStore = null; 067 if(pkcs10req != null && !pkcs10req.equals("")) { 068 // Either generated from Internet Explorer or submitted as PKCS10 request 069 if(!pkcs10req.startsWith(CaUtils.CERT_REQ_HEADER)) { 070 ByteArrayOutputStream baos = new ByteArrayOutputStream(); 071 PrintStream out = new PrintStream(baos); 072 out.println(CaUtils.CERT_REQ_HEADER); 073 out.println(pkcs10req.trim()); 074 out.println(CaUtils.CERT_REQ_FOOTER); 075 out.close(); 076 toStore = baos.toString(); 077 } else { 078 toStore = pkcs10req; 079 } 080 } else if(spkac != null && !spkac.equals("")) { 081 // Received from a web browser that supports KEYGEN tag 082 // Create a Properties object with user supplied values 083 Properties csrProps = new Properties(); 084 csrProps.setProperty("CN", reqCN); 085 csrProps.setProperty("OU", reqOU); 086 csrProps.setProperty("O", reqO); 087 csrProps.setProperty("L", reqL); 088 csrProps.setProperty("ST", reqST); 089 csrProps.setProperty("C", reqC); 090 csrProps.setProperty("SPKAC", spkac); 091 ByteArrayOutputStream baos = new ByteArrayOutputStream(); 092 csrProps.store(baos, "Request received through CA Helper Application"); 093 baos.close(); 094 toStore = baos.toString(); 095 } else { 096 // Did not receive a SignedPublicKeyAndChallenge or a PKCS10 Cerificate Request 097 throw new ServletException("Did not receive a SignedPublicKeyAndChallenge or a PKCS10 Cerificate Request. Resubmit your certificate request."); 098 } 099 100 // Store the CSR in the Certificate Request Store. 101 String csrId = CAHelperUtils.getCertificateRequestStore().storeRequest(null, toStore); 102 103 // Display the CSR Id to the user and confirm the receipt of CSR 104 request.setAttribute("id", csrId); 105 getServletContext().getRequestDispatcher("/receivedCSR.jsp").forward(request, response); 106 } 107 }