[Pki-devel] [PATCH] 0101 Lightweight CAs: accept "host-authority" as valid parent

Fraser Tweedale ftweedal at redhat.com
Thu May 5 06:54:42 UTC 2016 

The attached patch allows "host-authority" to be used as valid
reference to the host authority when creating a LWCA.  It makes life
easier for me one the FreeIPA side :)

Cheers,
Fraser
-------------- next part --------------
From f1860c2315f13d458a33521f78327b8c3a84a246 Mon Sep 17 00:00:00 2001
From: Fraser Tweedale <ftweedal at redhat.com>
Date: Thu, 5 May 2016 16:33:52 +1000
Subject: [PATCH] Lightweight CAs: accept "host-authority" as valid parent

Accept the string "host-authority" as a valid reference to the host
authority when creating a sub-CA.  This is a convenience for users,
and for systems that do not know (and do not want to look up) the ID
of the host authority.

Part of: https://fedorahosted.org/pki/ticket/1625
---
 .../src/org/dogtagpki/server/ca/rest/AuthorityService.java   | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/base/ca/src/org/dogtagpki/server/ca/rest/AuthorityService.java b/base/ca/src/org/dogtagpki/server/ca/rest/AuthorityService.java
index 582248d4cf284fb759c5c483810da87683862c1f..29e9a470f59b725ffbfd3cc3079d736d2b7b906a 100644
--- a/base/ca/src/org/dogtagpki/server/ca/rest/AuthorityService.java
+++ b/base/ca/src/org/dogtagpki/server/ca/rest/AuthorityService.java
@@ -179,10 +179,14 @@ public class AuthorityService extends PKIService implements AuthorityResource {
     public Response createCA(AuthorityData data) {
         String parentAIDString = data.getParentID();
         AuthorityID parentAID = null;
-        try {
-            parentAID = new AuthorityID(parentAIDString);
-        } catch (IllegalArgumentException e) {
-            throw new BadRequestException("Bad Authority ID: " + parentAIDString);
+        if (AuthorityResource.HOST_AUTHORITY.equals(parentAIDString)) {
+            parentAID = hostCA.getAuthorityID();
+        } else {
+            try {
+                parentAID = new AuthorityID(parentAIDString);
+            } catch (IllegalArgumentException e) {
+                throw new BadRequestException("Bad Authority ID: " + parentAIDString);
+            }
         }
 
         PKIPrincipal principal =
-- 
2.5.5

More information about the Pki-devel mailing list