Package org.opends.server.api

Class CertificateMapper<T extends CertificateMapperCfg>

    • Constructor Detail

      • CertificateMapper

        public CertificateMapper()

    • Method Detail

      • initializeCertificateMapper

        public final void initializeCertificateMapper​(T configuration)
                                       throws ConfigException,
                                              InitializationException
        Initializes this certificate mapper based on the information in the provided configuration entry.
        Parameters:
        configuration - The configuration that should be used to initialize this certificate mapper.
        Throws:
        ConfigException - If the provided entry does not contain a valid certificate mapper configuration.
        InitializationException - If a problem occurs during initialization that is not related to the server configuration.

      • initializeCertificateMapper0

        protected abstract void initializeCertificateMapper0​(T configuration)
                                              throws ConfigException,
                                                     InitializationException
        Implements certificate mapper specific actions when initializing the certificate mapper.
        Parameters:
        configuration - The configuration that should be used to initialize this certificate mapper.
        Throws:
        ConfigException - If the provided entry does not contain a valid certificate mapper configuration.
        InitializationException - If a problem occurs during initialization that is not related to the server configuration.

      • isConfigurationAcceptable

        public boolean isConfigurationAcceptable​(T configuration,
                                         List<LocalizableMessage> unacceptableReasons)
        Indicates whether the provided configuration is acceptable for this certificate mapper. It should be possible to call this method on an uninitialized certificate mapper instance in order to determine whether the certificate mapper would be able to use the provided configuration.
        Parameters:
        configuration - The certificate mapper configuration for which to make the determination.
        unacceptableReasons - A list that may be used to hold the reasons that the provided configuration is not acceptable.
        Returns:
        true if the provided configuration is acceptable for this certificate mapper, or false if not.

      • finalizeCertificateMapper

        public void finalizeCertificateMapper()
        Performs any finalization that may be necessary for this certificate mapper. By default, no finalization is performed.

      • mapCertificateToUser

        public final Entry mapCertificateToUser​(Certificate[] certificateChain)
                                 throws LdapException
        Establishes a mapping between the information in the provided certificate chain and a single user entry in the Directory Server.
        Parameters:
        certificateChain - The certificate chain presented by the client during SSL negotiation. The peer certificate will be listed first, followed by the ordered issuer chain as appropriate.
        Returns:
        The entry for the user to whom the mapping was established, or null if no mapping was established and no special message is required to send back to the client.
        Throws:
        LdapException - If a problem occurred while attempting to establish the mapping. This may include internal failures, a mapping which matches multiple users, or any other case in which an error message should be returned to the client.

      • mapCertificateToUser0

        protected abstract Entry mapCertificateToUser0​(Certificate[] certificateChain)
                                        throws LdapException
        Implements certificate mapper specific logic for mapping the provided certificate to a user entry.
        Parameters:
        certificateChain - The certificate chain presented by the client during SSL negotiation. The peer certificate will be listed first, followed by the ordered issuer chain as appropriate.
        Returns:
        The entry for the user to whom the mapping was established, or null if no mapping was established and no special message is required to send back to the client.
        Throws:
        LdapException - If a problem occurred while attempting to establish the mapping. This may include internal failures, a mapping which matches multiple users, or any other case in which an error message should be returned to the client.

      • isConfigurationChangeAcceptable

        public boolean isConfigurationChangeAcceptable​(T configuration,
                                               List<LocalizableMessage> unacceptableReasons)
        Description copied from interface: ConfigurationChangeListener
        Indicates whether the proposed change to the configuration is acceptable to this change listener.
        Specified by:
        isConfigurationChangeAcceptable in interface ConfigurationChangeListener<T extends CertificateMapperCfg>
        Parameters:
        configuration - The new configuration containing the changes.
        unacceptableReasons - A list that can be used to hold messages about why the provided configuration is not acceptable.
        Returns:
        Returns true if the proposed change is acceptable, or false if it is not.

      • applyConfigurationChange0

        protected abstract ConfigChangeResult applyConfigurationChange0​(T configuration)
        Implements certificate mapper specific actions when updating the configuration.
        Parameters:
        configuration - the new configuration to use
        Returns:
        the result of applying the new configuration

      • getServerContext

        protected ServerContext getServerContext()
        Returns the server context.
        Returns:
        the server context

      • setServerContext

        public void setServerContext​(ServerContext serverContext)
        Sets the server context.
        Parameters:
        serverContext - the server context