org.opends.server.extensions
Class SubjectEqualsDNCertificateMapper
java.lang.Object
org.opends.server.api.CertificateMapper<SubjectEqualsDNCertificateMapperCfg>
org.opends.server.extensions.SubjectEqualsDNCertificateMapper
public class SubjectEqualsDNCertificateMapper
extends CertificateMapper<SubjectEqualsDNCertificateMapperCfg>
This class implements a very simple Directory Server certificate mapper that
will map a certificate to a user only if the subject of the peer certificate
exactly matches the DN of a user in the Directory Server.
Methods inherited from class java.lang.Object:
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
SubjectEqualsDNCertificateMapper
public SubjectEqualsDNCertificateMapper()
- Creates a new instance of this certificate mapper. Note that all actual
initialization should be done in the initializeCertificateMapper method.
initializeCertificateMapper
public void initializeCertificateMapper(SubjectEqualsDNCertificateMapperCfg configuration)
throws ConfigException,
InitializationException
- Initializes this certificate mapper based on the information in
the provided configuration entry.
- Specified by:
initializeCertificateMapper
in class CertificateMapper<SubjectEqualsDNCertificateMapperCfg>
- Parameters:
configuration
- The configuration that should be used to
initialize this certificate mapper.
- Throws:
ConfigException
- If the provided entry does not contain
a valid certificate mapper
configuration.
InitializationException
- If a problem occurs during
initialization that is not
related to the server
configuration.
mapCertificateToUser
public Entry mapCertificateToUser(java.security.cert.Certificate[] certificateChain)
throws DirectoryException
- Establishes a mapping between the information in the provided certificate
chain and the DN of a single user in the Directory Server.
- Specified by:
mapCertificateToUser
in class CertificateMapper<SubjectEqualsDNCertificateMapperCfg>
- Parameters:
certificateChain
- The certificate chain presented by the client
during SSL negotiation. The peer certificate
will be listed first, followed by the ordered
issuer chain as appropriate.
- Returns:
- The DN of the one user to whom the mapping was established, or null
if no mapping was established and no special message is required to
send back to the client.
- Throws:
DirectoryException
- If a problem occurred while attempting to
establish the mapping. This may include
internal failures, a mapping which matches
multiple users, or any other case in which an
error message should be returned to the
client.
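
The mapping rule described above, as an added example that is not the OpenDS source: the subject of the peer certificate (first element of the chain) is looked up as a DN, and no match yields null. The class SubjectEqualsDnDemo and its helpers peerSubject and mapSubjectToUser are hypothetical; a Map stands in for the directory, and javax.naming.ldap.LdapName equality stands in for the server's DN matching.

```java
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Map;
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
import javax.security.auth.x500.X500Principal;

/** Added illustration of subject-equals-DN mapping; not the OpenDS implementation. */
public class SubjectEqualsDnDemo {

    /** Returns the subject of the peer certificate (chain[0]), or null if the chain is unusable. */
    static X500Principal peerSubject(Certificate[] chain) {
        if (chain == null || chain.length == 0 || !(chain[0] instanceof X509Certificate)) {
            return null;
        }
        return ((X509Certificate) chain[0]).getSubjectX500Principal();
    }

    /** Maps a subject to an entry only when the subject DN equals an entry DN; otherwise null. */
    static String mapSubjectToUser(X500Principal subject, Map<LdapName, String> directory)
            throws InvalidNameException {
        if (subject == null) {
            return null;
        }
        // Parse the RFC 2253 form so the comparison is on DN components, not raw strings.
        LdapName subjectDn = new LdapName(subject.getName(X500Principal.RFC2253));
        return directory.get(subjectDn);
    }

    public static void main(String[] args) throws InvalidNameException {
        // Constructed sample directory (assumption): entry DN -> entry label.
        Map<LdapName, String> directory = Map.of(
            new LdapName("uid=alice,ou=People,dc=example,dc=com"), "entry for alice");

        // Constructed subjects: one equal to an entry DN, one a typical CA-style subject.
        X500Principal sameDn = new X500Principal("UID=alice, OU=People, DC=example, DC=com");
        X500Principal otherDn = new X500Principal("CN=alice, O=Example");

        System.out.println("same DN   -> " + mapSubjectToUser(sameDn, directory));
        System.out.println("other DN  -> " + mapSubjectToUser(otherDn, directory));
        // An empty chain has no peer certificate, so nothing is mapped.
        System.out.println("no chain  -> "
            + mapSubjectToUser(peerSubject(new Certificate[0]), directory));
    }
}
```

Because only the subject is compared, a certificate whose subject names the user by CN and organization does not map to an entry stored under a uid-based DN, even when both refer to the same person.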