Package org.opends.server.extensions
Class SubjectDNToUserAttributeCertificateMapper
java.lang.Object
org.opends.server.api.CertificateMapper<SubjectDnToUserAttributeCertificateMapperCfg>
org.opends.server.extensions.SubjectDNToUserAttributeCertificateMapper
- All Implemented Interfaces:
ConfigurationChangeListener<SubjectDnToUserAttributeCertificateMapperCfg>
public final class SubjectDNToUserAttributeCertificateMapper
extends CertificateMapper<SubjectDnToUserAttributeCertificateMapperCfg>
This class implements a very simple Directory Server certificate mapper that will map a certificate to a user only if
that user's entry contains an attribute with the subject of the client certificate. There must be exactly one
matching user entry for the mapping to be successful.
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionprotected ConfigChangeResultImplements certificate mapper specific actions when updating the configuration.voidPerforms any finalization that may be necessary for this certificate mapper.protected voidImplements certificate mapper specific actions when initializing the certificate mapper.protected EntrymapCertificateToUser0(Certificate[] certificateChain) Implements certificate mapper specific logic for mapping the provided certificate to a user entry.Methods inherited from class org.opends.server.api.CertificateMapper
applyConfigurationChange, getServerContext, initializeCertificateMapper, isConfigurationAcceptable, isConfigurationChangeAcceptable, mapCertificateToUser, setServerContext
-
Constructor Details
-
SubjectDNToUserAttributeCertificateMapper
public SubjectDNToUserAttributeCertificateMapper()
-
-
Method Details
-
initializeCertificateMapper0
Description copied from class:CertificateMapperImplements certificate mapper specific actions when initializing the certificate mapper.- Specified by:
initializeCertificateMapper0in classCertificateMapper<SubjectDnToUserAttributeCertificateMapperCfg>- Parameters:
cfg- The configuration that should be used to initialize this certificate mapper.
-
finalizeCertificateMapper
public void finalizeCertificateMapper()Description copied from class:CertificateMapperPerforms any finalization that may be necessary for this certificate mapper. By default, no finalization is performed.- Overrides:
finalizeCertificateMapperin classCertificateMapper<SubjectDnToUserAttributeCertificateMapperCfg>
-
mapCertificateToUser0
Description copied from class:CertificateMapperImplements certificate mapper specific logic for mapping the provided certificate to a user entry.- Specified by:
mapCertificateToUser0in classCertificateMapper<SubjectDnToUserAttributeCertificateMapperCfg>- Parameters:
certificateChain- The certificate chain presented by the client during SSL negotiation. The peer certificate will be listed first, followed by the ordered issuer chain as appropriate.- Returns:
- The entry for the user to whom the mapping was established, or
nullif no mapping was established and no special message is required to send back to the client. - Throws:
LdapException- If a problem occurred while attempting to establish the mapping. This may include internal failures, a mapping which matches multiple users, or any other case in which an error message should be returned to the client.
-
applyConfigurationChange0
protected ConfigChangeResult applyConfigurationChange0(SubjectDnToUserAttributeCertificateMapperCfg configuration) Description copied from class:CertificateMapperImplements certificate mapper specific actions when updating the configuration.- Specified by:
applyConfigurationChange0in classCertificateMapper<SubjectDnToUserAttributeCertificateMapperCfg>- Parameters:
configuration- the new configuration to use- Returns:
- the result of applying the new configuration
-