com.netscape.cms.publish.mappers
Class MapDNPattern

java.lang.Object
  extended by com.netscape.cms.publish.mappers.MapDNPattern

public class MapDNPattern
extends java.lang.Object

class for parsing a DN pattern used to construct a ldap dn from request attributes and cert subject name.

dnpattern is a string representing a ldap dn pattern to formulate from the certificate subject name attributes and request attributes . If empty or not set, the certificate subject name will be used as the ldap dn.

The syntax is

                dnPattern := rdnPattern *[ "," rdnPattern ]
                rdnPattern := avaPattern *[ "+" avaPattern ]
                avaPattern := name "=" value | 
                                      name "=" "$subj" "." attrName [ "." attrNumber ] | 
                                      name "=" "$req" "." attrName [ "." attrNumber ] | 
                                  "$rdn" "." number
 
 Example1: cn=Certificate Manager,ou=people,o=mcom.com
 cert subject name: dn:  CN=Certificate Manager, OU=people, O=mcom.com
 request attributes: uid: cmanager 
 

The dn formulated will be :
CN=Certificate Manager, OU=people, O=mcom.com

note: Subordinate ca enrollment will use ca mapper. Use predicate to distinguish the ca itself and the subordinates. Example2: UID=$req.HTTP_PARAMS.uid, OU=$subj.ou, O=people, , O=mcom.com cert subject name: dn: UID=jjames, OU=IS, O=people, , O=mcom.com request attributes: uid: cmanager

The dn formulated will be :
UID=jjames, OU=IS, OU=people, O=mcom.com

UID = the 'uid' attribute value in the request.
OU = the 'ou' value in the cert subject name.
O = the string people, mcom.com.

If an request attribute or subject DN component does not exist, the attribute is skipped. There is potential risk that a wrong dn will be mapped into.

Version:
$Revision: 1211 $, $Date: 2010-08-18 10:15:37 -0700 (Wed, 18 Aug 2010) $

Field Summary
protected  java.lang.String[] mCertAttrs
           
protected  java.lang.String mPatternString
           
protected  com.netscape.cms.publish.mappers.MapRDNPattern[] mRDNPatterns
           
protected  java.lang.String[] mReqAttrs
           
protected  java.lang.String mTestDN
           
 
Constructor Summary
MapDNPattern(java.io.PushbackReader in)
           
MapDNPattern(java.lang.String pattern)
          Construct a DN pattern by parsing a pattern string.
 
Method Summary
 java.lang.String formDN(IRequest req, netscape.security.x509.X500Name subject, netscape.security.x509.CertificateExtensions ext)
          Form a Ldap v3 DN string from a request and a cert subject name.
 java.lang.String[] getCertAttrs()
           
 java.lang.String[] getReqAttrs()
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

mReqAttrs

protected java.lang.String[] mReqAttrs

mCertAttrs

protected java.lang.String[] mCertAttrs

mRDNPatterns

protected com.netscape.cms.publish.mappers.MapRDNPattern[] mRDNPatterns

mPatternString

protected java.lang.String mPatternString

mTestDN

protected java.lang.String mTestDN
Constructor Detail

MapDNPattern

public MapDNPattern(java.lang.String pattern)
             throws ELdapException
Construct a DN pattern by parsing a pattern string.

Parameters:
pattern - the DN pattern
Throws:
EBaseException - If parsing error occurs.
ELdapException

MapDNPattern

public MapDNPattern(java.io.PushbackReader in)
             throws ELdapException
Throws:
ELdapException
Method Detail

formDN

public java.lang.String formDN(IRequest req,
                               netscape.security.x509.X500Name subject,
                               netscape.security.x509.CertificateExtensions ext)
                        throws ELdapException
Form a Ldap v3 DN string from a request and a cert subject name.

Parameters:
req - the request for (un)publish
subject - the subjectDN of the certificate
Returns:
Ldap v3 DN string to use for base ldap search.
Throws:
ELdapException

getReqAttrs

public java.lang.String[] getReqAttrs()

getCertAttrs

public java.lang.String[] getCertAttrs()