Package org.opends.server.extensions
Class SubjectDNToUserAttributeCertificateMapper
- java.lang.Object
-
- org.opends.server.api.CertificateMapper<SubjectDnToUserAttributeCertificateMapperCfg>
-
- org.opends.server.extensions.SubjectDNToUserAttributeCertificateMapper
-
- All Implemented Interfaces:
ConfigurationChangeListener<SubjectDnToUserAttributeCertificateMapperCfg>
public class SubjectDNToUserAttributeCertificateMapper extends CertificateMapper<SubjectDnToUserAttributeCertificateMapperCfg>
This class implements a very simple Directory Server certificate mapper that will map a certificate to a user only if that user's entry contains an attribute with the subject of the client certificate. There must be exactly one matching user entry for the mapping to be successful.
-
-
Constructor Summary
Constructors Constructor Description SubjectDNToUserAttributeCertificateMapper()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected ConfigChangeResult
applyConfigurationChange0(SubjectDnToUserAttributeCertificateMapperCfg configuration)
Implements certificate mapper specific actions when updating the configuration.void
finalizeCertificateMapper()
Performs any finalization that may be necessary for this certificate mapper.protected void
initializeCertificateMapper0(SubjectDnToUserAttributeCertificateMapperCfg cfg)
Implements certificate mapper specific actions when initializing the certificate mapper.protected Entry
mapCertificateToUser0(Certificate[] certificateChain)
Implements certificate mapper specific logic for mapping the provided certificate to a user entry.-
Methods inherited from class org.opends.server.api.CertificateMapper
applyConfigurationChange, getServerContext, initializeCertificateMapper, isConfigurationAcceptable, isConfigurationChangeAcceptable, mapCertificateToUser, setServerContext
-
-
-
-
Method Detail
-
initializeCertificateMapper0
protected void initializeCertificateMapper0(SubjectDnToUserAttributeCertificateMapperCfg cfg)
Description copied from class:CertificateMapper
Implements certificate mapper specific actions when initializing the certificate mapper.- Specified by:
initializeCertificateMapper0
in classCertificateMapper<SubjectDnToUserAttributeCertificateMapperCfg>
- Parameters:
cfg
- The configuration that should be used to initialize this certificate mapper.
-
finalizeCertificateMapper
public void finalizeCertificateMapper()
Description copied from class:CertificateMapper
Performs any finalization that may be necessary for this certificate mapper. By default, no finalization is performed.- Overrides:
finalizeCertificateMapper
in classCertificateMapper<SubjectDnToUserAttributeCertificateMapperCfg>
-
mapCertificateToUser0
protected Entry mapCertificateToUser0(Certificate[] certificateChain) throws LdapException
Description copied from class:CertificateMapper
Implements certificate mapper specific logic for mapping the provided certificate to a user entry.- Specified by:
mapCertificateToUser0
in classCertificateMapper<SubjectDnToUserAttributeCertificateMapperCfg>
- Parameters:
certificateChain
- The certificate chain presented by the client during SSL negotiation. The peer certificate will be listed first, followed by the ordered issuer chain as appropriate.- Returns:
- The entry for the user to whom the mapping was established, or
null
if no mapping was established and no special message is required to send back to the client. - Throws:
LdapException
- If a problem occurred while attempting to establish the mapping. This may include internal failures, a mapping which matches multiple users, or any other case in which an error message should be returned to the client.
-
applyConfigurationChange0
protected ConfigChangeResult applyConfigurationChange0(SubjectDnToUserAttributeCertificateMapperCfg configuration)
Description copied from class:CertificateMapper
Implements certificate mapper specific actions when updating the configuration.- Specified by:
applyConfigurationChange0
in classCertificateMapper<SubjectDnToUserAttributeCertificateMapperCfg>
- Parameters:
configuration
- the new configuration to use- Returns:
- the result of applying the new configuration
-
-