Creating Plugins
To, for example, extend the RA functionality considerably, possibly including additional database tables as well, you may consider using the EJBCA plugin scheme which provides custom applications with the core EJBCA environment data. In the directory src/samples/plug-ins
you will find a couple of complete demo plugins that can be added to an existing EJBCA installation without any configuration.
Including Plugins in EJBCA
There are two methods of creating and including your own plugins in EJBCA:
Including External JARs on the Classpath
This may be the easier method for some and involves pre-compiling your own JAR (preferably using one of our plugin interfaces and a manifest file, see below) and making sure it's available on the classpath. To enable this:
- Modify the file
plugin.properties.sample
(renaming it to for examplewidget.properties
) and place it in eitherconf/plugins
in your local EJBCA directory or underejbca-custom/conf/plugins
if you're using an external configuration directory. Make sure that the file contains the following line where the directory points to the location of your compiled JAR file.
CODEplugin.ejbca.lib.dir=/home/demo/myplugin/dist/
You can also add custom language files in the plugin jar file:
myjar.jar
|
+-- com/
| |
| +-- example/
| |
| +-- MyPlugin.class
|
+-- languages/
| |
| +-- languagefile.en.properties
Including External Source Directories
The other variant is to create a source directory alongside EJBCA from which EJBCA can copy source files from. While this variant may be simpler to maintain due to sourcing the EJBCA libs directly from EJBCA, it may also be more difficult to set up a development environment against. To enable this:
- Modify the file
plugin.properties.sample
(renaming it to for examplewidget.properties
) and place it in eitherconf/plugins
in your local EJBCA directory or underejbca-custom/conf/plugins
if you're using an external configuration directory. Make sure that the file contains the following line to point to the build file of your plugin.
CODEplugin.ejbca.ant.file=/home/demo/myplugin/build.xml
For more information on setting this up, see plugin.properties.sample
.
Sample Plugin
A basic sample plugin is provided in the directory src/samples/plugins
. It contains a web application and an EJB bean.
To deploy and test the plugin, run the following:
ant build -Dejbca.plugin.conf.path=/home/user/Dev/workspace/ejbca-trunk/src/samples/plugins
ant deployear
You can then access the plugin webapp at http://localhost:8080/ejbca/pluginweb/.
For more information, refer to the README file located in the directory src/samples/plugins
.
Plugin Interfaces
Several plugin interfaces allow you to extend functionality using your own classes. Using any of the following interfaces, including a manifest file in the JAR and making sure that the JAR is available on the classpath (see Including External JARs on the Classpath) during the construction of the EJBCA EAR, will lead to the plugins automatically appearing where relevant.
Type | Description | Documentation |
---|---|---|
Certificate Extensions | Customized Extensions can be added and removed in the Custom Certificate Extensions tab in the System Configuration page. Interface: org.cesecore.certificates.certificate.certextensions.CustomCertificateExtension | Custom Certificate Extensions |
Email Notification Recipients | E-mail notifications can be sent when status changes for an end entity, for example when a new user is added. | E-mail Notifications |
Publishers | While EJBCA hosts a vast array of different types of publishers, you can easily create your own as well. | Custom Publishers |
Request Processors | A request processor is a plugin which in some way modifies or acts upon an incoming CSR before issuing certificates. | Creating Custom Request Processors |
Services | It is possible to write customized component plugins that can be used with other standards (or customized plugins). Interface: org.ejbca.core.model.services.IWorker | Services |
User Data Sources | The User Data Sources framework allows importing user data from existing databases and enables importing user data from an LDAP and AD. Interface: org.ejbca.core.model.ra.userdatasource.ICustomUserDataSource | User Data Sources |
Since EJBCA is open source, you can modify anything you like, or use any of the interfaces and create your own add-ons. For more information on how to manage add-ons and plugins, see Adding Rules to Regulate Values of End Entity Fields.