Class MapDNPattern
- java.lang.Object
-
- com.netscape.cms.publish.mappers.MapDNPattern
-
public class MapDNPattern extends java.lang.Object
class for parsing a DN pattern used to construct a ldap dn from request attributes and cert subject name.dnpattern is a string representing a ldap dn pattern to formulate from the certificate subject name attributes and request attributes . If empty or not set, the certificate subject name will be used as the ldap dn.
The syntax is
dnPattern := rdnPattern *[ "," rdnPattern ] rdnPattern := avaPattern *[ "+" avaPattern ] avaPattern := name "=" value | name "=" "$subj" "." attrName [ "." attrNumber ] | name "=" "$req" "." attrName [ "." attrNumber ] | "$rdn" "." number
Example1: cn=Certificate Manager,ou=people,o=mcom.com cert subject name: dn: CN=Certificate Manager, OU=people, O=mcom.com request attributes: uid: cmanager
If an request attribute or subject DN component does not exist, the attribute is skipped. There is potential risk that a wrong dn will be mapped into.The dn formulated will be :
CN=Certificate Manager, OU=people, O=mcom.comnote: Subordinate ca enrollment will use ca mapper. Use predicate to distinguish the ca itself and the subordinates. Example2: UID=$req.HTTP_PARAMS.uid, OU=$subj.ou, O=people, , O=mcom.com cert subject name: dn: UID=jjames, OU=IS, O=people, , O=mcom.com request attributes: uid: cmanager
The dn formulated will be :
UID=jjames, OU=IS, OU=people, O=mcom.comUID = the 'uid' attribute value in the request.
OU = the 'ou' value in the cert subject name.
O = the string people, mcom.com.
- Version:
- $Revision$, $Date$
-
-
Field Summary
Fields Modifier and Type Field Description static org.slf4j.Logger
logger
protected java.lang.String[]
mCertAttrs
protected java.lang.String
mPatternString
protected com.netscape.cms.publish.mappers.MapRDNPattern[]
mRDNPatterns
protected java.lang.String[]
mReqAttrs
protected java.lang.String
mTestDN
-
Constructor Summary
Constructors Constructor Description MapDNPattern(java.io.PushbackReader in)
MapDNPattern(java.lang.String pattern)
Construct a DN pattern by parsing a pattern string.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description java.lang.String
formDN(com.netscape.certsrv.request.IRequest req, org.mozilla.jss.netscape.security.x509.X500Name subject, org.mozilla.jss.netscape.security.x509.CertificateExtensions ext)
Form a Ldap v3 DN string from a request and a cert subject name.java.lang.String[]
getCertAttrs()
java.lang.String[]
getReqAttrs()
-
-
-
Field Detail
-
logger
public static org.slf4j.Logger logger
-
mReqAttrs
protected java.lang.String[] mReqAttrs
-
mCertAttrs
protected java.lang.String[] mCertAttrs
-
mRDNPatterns
protected com.netscape.cms.publish.mappers.MapRDNPattern[] mRDNPatterns
-
mPatternString
protected java.lang.String mPatternString
-
mTestDN
protected java.lang.String mTestDN
-
-
Constructor Detail
-
MapDNPattern
public MapDNPattern(java.lang.String pattern) throws com.netscape.certsrv.ldap.ELdapException
Construct a DN pattern by parsing a pattern string.- Parameters:
pattern
- the DN pattern- Throws:
EBaseException
- If parsing error occurs.com.netscape.certsrv.ldap.ELdapException
-
MapDNPattern
public MapDNPattern(java.io.PushbackReader in) throws com.netscape.certsrv.ldap.ELdapException
- Throws:
com.netscape.certsrv.ldap.ELdapException
-
-
Method Detail
-
formDN
public java.lang.String formDN(com.netscape.certsrv.request.IRequest req, org.mozilla.jss.netscape.security.x509.X500Name subject, org.mozilla.jss.netscape.security.x509.CertificateExtensions ext) throws com.netscape.certsrv.ldap.ELdapException
Form a Ldap v3 DN string from a request and a cert subject name.- Parameters:
req
- the request for (un)publishsubject
- the subjectDN of the certificate- Returns:
- Ldap v3 DN string to use for base ldap search.
- Throws:
com.netscape.certsrv.ldap.ELdapException
-
getReqAttrs
public java.lang.String[] getReqAttrs()
-
getCertAttrs
public java.lang.String[] getCertAttrs()
-
-