|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectcom.netscape.cms.publish.mappers.MapDNPattern
public class MapDNPattern
class for parsing a DN pattern used to construct a ldap dn from request attributes and cert subject name.
dnpattern is a string representing a ldap dn pattern to formulate from the certificate subject name attributes and request attributes . If empty or not set, the certificate subject name will be used as the ldap dn.
The syntax is
dnPattern := rdnPattern *[ "," rdnPattern ] rdnPattern := avaPattern *[ "+" avaPattern ] avaPattern := name "=" value | name "=" "$subj" "." attrName [ "." attrNumber ] | name "=" "$req" "." attrName [ "." attrNumber ] | "$rdn" "." number
Example1: cn=Certificate Manager,ou=people,o=mcom.com cert subject name: dn: CN=Certificate Manager, OU=people, O=mcom.com request attributes: uid: cmanagerIf an request attribute or subject DN component does not exist, the attribute is skipped. There is potential risk that a wrong dn will be mapped into.The dn formulated will be :
CN=Certificate Manager, OU=people, O=mcom.comnote: Subordinate ca enrollment will use ca mapper. Use predicate to distinguish the ca itself and the subordinates. Example2: UID=$req.HTTP_PARAMS.uid, OU=$subj.ou, O=people, , O=mcom.com cert subject name: dn: UID=jjames, OU=IS, O=people, , O=mcom.com request attributes: uid: cmanager
The dn formulated will be :
UID=jjames, OU=IS, OU=people, O=mcom.comUID = the 'uid' attribute value in the request.
OU = the 'ou' value in the cert subject name.
O = the string people, mcom.com.
Field Summary | |
---|---|
protected java.lang.String[] |
mCertAttrs
|
protected java.lang.String |
mPatternString
|
protected com.netscape.cms.publish.mappers.MapRDNPattern[] |
mRDNPatterns
|
protected java.lang.String[] |
mReqAttrs
|
protected java.lang.String |
mTestDN
|
Constructor Summary | |
---|---|
MapDNPattern(java.io.PushbackReader in)
|
|
MapDNPattern(java.lang.String pattern)
Construct a DN pattern by parsing a pattern string. |
Method Summary | |
---|---|
java.lang.String |
formDN(IRequest req,
netscape.security.x509.X500Name subject,
netscape.security.x509.CertificateExtensions ext)
Form a Ldap v3 DN string from a request and a cert subject name. |
java.lang.String[] |
getCertAttrs()
|
java.lang.String[] |
getReqAttrs()
|
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
protected java.lang.String[] mReqAttrs
protected java.lang.String[] mCertAttrs
protected com.netscape.cms.publish.mappers.MapRDNPattern[] mRDNPatterns
protected java.lang.String mPatternString
protected java.lang.String mTestDN
Constructor Detail |
---|
public MapDNPattern(java.lang.String pattern) throws ELdapException
pattern
- the DN pattern
EBaseException
- If parsing error occurs.
ELdapException
public MapDNPattern(java.io.PushbackReader in) throws ELdapException
ELdapException
Method Detail |
---|
public java.lang.String formDN(IRequest req, netscape.security.x509.X500Name subject, netscape.security.x509.CertificateExtensions ext) throws ELdapException
req
- the request for (un)publishsubject
- the subjectDN of the certificate
ELdapException
public java.lang.String[] getReqAttrs()
public java.lang.String[] getCertAttrs()
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |