Package org.opends.server.extensions
Class SubjectEqualsDNCertificateMapper
- java.lang.Object
-
- org.opends.server.api.CertificateMapper<SubjectEqualsDnCertificateMapperCfg>
-
- org.opends.server.extensions.SubjectEqualsDNCertificateMapper
-
- All Implemented Interfaces:
ConfigurationChangeListener<SubjectEqualsDnCertificateMapperCfg>
public class SubjectEqualsDNCertificateMapper extends CertificateMapper<SubjectEqualsDnCertificateMapperCfg>
This class implements a very simple Directory Server certificate mapper that will map a certificate to a user only if the subject of the peer certificate exactly matches the DN of a user in the Directory Server.
-
-
Constructor Summary
Constructors Constructor Description SubjectEqualsDNCertificateMapper()
Creates a new instance of this certificate mapper.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected ConfigChangeResult
applyConfigurationChange0(SubjectEqualsDnCertificateMapperCfg configuration)
Implements certificate mapper specific actions when updating the configuration.void
finalizeCertificateMapper()
Performs any finalization that may be necessary for this certificate mapper.protected void
initializeCertificateMapper0(SubjectEqualsDnCertificateMapperCfg configuration)
Implements certificate mapper specific actions when initializing the certificate mapper.Entry
mapCertificateToUser0(Certificate[] certificateChain)
Establishes a mapping between the information in the provided certificate chain to the DN of a single user in the Directory Server.-
Methods inherited from class org.opends.server.api.CertificateMapper
applyConfigurationChange, getServerContext, initializeCertificateMapper, isConfigurationAcceptable, isConfigurationChangeAcceptable, mapCertificateToUser, setServerContext
-
-
-
-
Method Detail
-
initializeCertificateMapper0
protected void initializeCertificateMapper0(SubjectEqualsDnCertificateMapperCfg configuration)
Description copied from class:CertificateMapper
Implements certificate mapper specific actions when initializing the certificate mapper.- Specified by:
initializeCertificateMapper0
in classCertificateMapper<SubjectEqualsDnCertificateMapperCfg>
- Parameters:
configuration
- The configuration that should be used to initialize this certificate mapper.
-
mapCertificateToUser0
public Entry mapCertificateToUser0(Certificate[] certificateChain) throws LdapException
Establishes a mapping between the information in the provided certificate chain to the DN of a single user in the Directory Server.- Specified by:
mapCertificateToUser0
in classCertificateMapper<SubjectEqualsDnCertificateMapperCfg>
- Parameters:
certificateChain
- The certificate chain presented by the client during SSL negotiation. The peer certificate will be listed first, followed by the ordered issuer chain as appropriate.- Returns:
- The DN of the one user to whom the mapping was established, or
null
if no mapping was established and no special message is required to send back to the client. - Throws:
LdapException
- If a problem occurred while attempting to establish the mapping. This may include internal failures, a mapping which matches multiple users, or any other case in which an error message should be returned to the client.
-
applyConfigurationChange0
protected ConfigChangeResult applyConfigurationChange0(SubjectEqualsDnCertificateMapperCfg configuration)
Description copied from class:CertificateMapper
Implements certificate mapper specific actions when updating the configuration.- Specified by:
applyConfigurationChange0
in classCertificateMapper<SubjectEqualsDnCertificateMapperCfg>
- Parameters:
configuration
- the new configuration to use- Returns:
- the result of applying the new configuration
-
finalizeCertificateMapper
public void finalizeCertificateMapper()
Description copied from class:CertificateMapper
Performs any finalization that may be necessary for this certificate mapper. By default, no finalization is performed.- Overrides:
finalizeCertificateMapper
in classCertificateMapper<SubjectEqualsDnCertificateMapperCfg>
-
-