com.netscape.cms.authentication
Class DNPattern

java.lang.Object
  extended by com.netscape.cms.authentication.DNPattern

public class DNPattern
extends java.lang.Object

Class for parsing a DN pattern used to construct a certificate subject name from LDAP attributes and the entry DN.

dnpattern is a string representing the subject name pattern to formulate from the directory attributes and the entry DN. If it is empty or not set, the LDAP entry DN is used as the certificate subject name.

The syntax is

                dnPattern  := rdnPattern *[ "," rdnPattern ]
                rdnPattern := avaPattern *[ "+" avaPattern ]
                avaPattern := name "=" value |
                              name "=" "$attr" "." attrName [ "." attrNumber ] |
                              name "=" "$dn" "." attrName [ "." attrNumber ] |
                              "$dn" "." "$rdn" "." number
 
 Example1: E=$attr.mail.1, CN=$attr.cn, OU=$dn.ou.2, O=$dn.o, C=US 
 Ldap entry: dn:  UID=jjames, OU=IS, OU=people, O=acme.org
 Ldap attributes: cn: Jesse James 
 Ldap attributes: mail: jjames@acme.org
 

The subject name formulated will be :
E=jjames@acme.org, CN=Jesse James, OU=people, O=acme.org, C=US

E = the first 'mail' LDAP attribute value in the user's entry.
CN = the (first) 'cn' ldap attribute value in the user's entry.
OU = the second 'ou' value in the user's entry DN.
O = the (first) 'o' value in the user's entry DN.
C = the string "US"

 Example2: E=$attr.mail.1, CN=$attr.cn, OU=$dn.ou.2, O=$dn.o, C=US
 Ldap entry: dn:  UID=jjames, OU=IS+OU=people, O=acme.org
 Ldap attributes: cn: Jesse James
 Ldap attributes: mail: jjames@acme.org

The subject name formulated will be :
E=jjames@acme.org, CN=Jesse James, OU=people, O=acme.org, C=US

E = the first 'mail' LDAP attribute value in the user's entry.
CN = the (first) 'cn' LDAP attribute value in the user's entry.
OU = the second 'ou' value in the user's entry DN. Note the multiple AVAs in one RDN in this example.
O = the (first) 'o' value in the user's entry DN.
C = the string "US"

 Example3: CN=$attr.cn, $rdn.2, O=$dn.o, C=US
 Ldap entry: dn:  UID=jjames, OU=IS+OU=people, O=acme.org
 Ldap attributes: cn: Jesse James 
 Ldap attributes: mail: jjames@acme.org
 

The subject name formulated will be :
CN=Jesse James, OU=IS+OU=people, O=acme.org, C=US

CN = the (first) 'cn' ldap attribute value in the user's entry.
followed by the second RDN in the user's entry DN.
O = the (first) 'o' value in the user's entry DN.
C = the string "US"

 Example4: CN=$attr.cn, OU=$dn.ou.2+OU=$dn.ou.1, O=$dn.o, C=US
 Ldap entry: dn:  UID=jjames, OU=IS+OU=people, O=acme.org
 Ldap attributes: cn: Jesse James
 Ldap attributes: mail: jjames@acme.org

The subject name formulated will be :
CN=Jesse James, OU=people+OU=IS, O=acme.org, C=US

CN = the (first) 'cn' ldap attribute value in the user's entry.
OU = the second 'ou' value in the user's entry DN followed by the first 'ou' value in the user's entry DN. Note the multiple AVAs in one RDN in this example.
O = the (first) 'o' value in the user's entry DN.
C = the string "US"

If an attribute or subject DN component does not exist, the attribute is skipped.
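A model of the substitution rules documented above, added here as an example; it is not the com.netscape.cms implementation. The function names (`parse_dn`, `nth`, `resolve_ava`, `form_dn`) are hypothetical, and the model assumes that values contain no escaped "," or "+" and that an RDN pattern left with no AVAs is dropped.

```python
import re

def parse_dn(dn):
    # Split a DN into RDNs, each a list of (name, value) AVAs.
    # Assumption: no escaped "," or "+" inside values.
    return [[tuple(p.strip() for p in ava.split("=", 1)) for ava in rdn.split("+")]
            for rdn in dn.split(",")]

def nth(values, number):
    # 1-based pick; a missing number means the first value.
    i = int(number or 1)
    return values[i - 1] if 1 <= i <= len(values) else None

def resolve_ava(ava, rdns, attrs):
    # Returns "name=value", a copied RDN, or None when the component is missing.
    ava = ava.strip()
    # The grammar writes $dn.$rdn.N and Example3 writes $rdn.N; the model takes both.
    m = re.fullmatch(r"(?:\$dn\.)?\$rdn\.(\d+)", ava)
    if m:
        rdn = nth(rdns, m.group(1))
        return "+".join(f"{n}={v}" for n, v in rdn) if rdn else None
    name, value = (p.strip() for p in ava.split("=", 1))
    m = re.fullmatch(r"\$(attr|dn)\.([^.]+)(?:\.(\d+))?", value)
    if not m:
        return f"{name}={value}"  # literal value such as C=US
    source, key, number = m.groups()
    if source == "attr":
        values = attrs.get(key.lower(), [])
    else:  # every AVA in the entry DN with that name, in DN order
        values = [v for rdn in rdns for n, v in rdn if n.lower() == key.lower()]
    picked = nth(values, number)
    return None if picked is None else f"{name}={picked}"

def form_dn(pattern, entry_dn, attrs):
    if not pattern.strip():
        return entry_dn  # empty pattern: the entry DN is the subject name
    rdns = parse_dn(entry_dn)
    attrs = {k.lower(): v for k, v in attrs.items()}
    out = []
    for rdn_pattern in pattern.split(","):
        avas = [a for a in (resolve_ava(p, rdns, attrs) for p in rdn_pattern.split("+")) if a]
        if avas:  # assumption: an RDN whose AVAs were all skipped is dropped
            out.append("+".join(avas))
    return ", ".join(out)
# Constructed sample input, taken from Example2 on this page.
ATTRS = {"cn": ["Jesse James"], "mail": ["jjames@acme.org"]}
ENTRY_DN = "UID=jjames, OU=IS+OU=people, O=acme.org"
if __name__ == "__main__":
    print(form_dn("E=$attr.mail.1, CN=$attr.cn, OU=$dn.ou.2, O=$dn.o, C=US", ENTRY_DN, ATTRS))
```

Running a candidate pattern through a model like this against representative directory entries shows, before enrollment is enabled, which directory-controlled values end up in the issued subject name and which components silently drop out.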

Version:
$Revision: 1211 $, $Date: 2010-08-18 10:15:37 -0700 (Wed, 18 Aug 2010) $

Field Summary
protected  java.lang.String mPatternString
protected  com.netscape.cms.authentication.RDNPattern[] mRDNPatterns
protected  java.lang.String mTestDN

Constructor Summary
DNPattern(java.io.PushbackReader in)
DNPattern(java.lang.String pattern)
          Construct a DN pattern by parsing a pattern string.

Method Summary
 java.lang.String formDN(netscape.ldap.LDAPEntry entry)
          Form an LDAP v3 DN string from the results of an LDAP search.
 java.lang.String[] getLdapAttrs()

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

mRDNPatterns

protected com.netscape.cms.authentication.RDNPattern[] mRDNPatterns

mPatternString

protected java.lang.String mPatternString

mTestDN

protected java.lang.String mTestDN

Constructor Detail

DNPattern

public DNPattern(java.lang.String pattern)
          throws EAuthException
Construct a DN pattern by parsing a pattern string.

Parameters:
pattern - the DN pattern
Throws:
EBaseException - If a parsing error occurs.
EAuthException

DNPattern

public DNPattern(java.io.PushbackReader in)
          throws EAuthException
Throws:
EAuthException

Method Detail

formDN

public java.lang.String formDN(netscape.ldap.LDAPEntry entry)
                        throws EAuthException
Form an LDAP v3 DN string from the results of an LDAP search.

Parameters:
entry - LDAPEntry from an LDAP search
Returns:
LDAP v3 DN string to use for a subject name.
Throws:
EAuthException

getLdapAttrs

public java.lang.String[] getLdapAttrs()