Class LdapUserCertPublisher

java.lang.Object
com.netscape.cms.publish.publishers.LdapUserCertPublisher
All Implemented Interfaces:
IExtendedPluginInfo, ILdapPlugin, ILdapPublisher

public class LdapUserCertPublisher extends Object implements ILdapPublisher, IExtendedPluginInfo
Interface for mapping a X509 certificate to a LDAP entry
Version:
$Revision$, $Date$
  • Field Details

    • logger

      public static org.slf4j.Logger logger
    • LDAP_USERCERT_ATTR

      public static final String LDAP_USERCERT_ATTR
      See Also:
    • mCertAttr

      protected String mCertAttr
  • Constructor Details

    • LdapUserCertPublisher

      public LdapUserCertPublisher()
    • LdapUserCertPublisher

      public LdapUserCertPublisher(String certAttr)
  • Method Details

    • getImplName

      public String getImplName()
      Description copied from interface: ILdapPublisher
      Returns the implementation name.
      Specified by:
      getImplName in interface ILdapPublisher
    • getDescription

      public String getDescription()
      Description copied from interface: ILdapPublisher
      Returns the description of the publisher.
      Specified by:
      getDescription in interface ILdapPublisher
    • getExtendedPluginInfo

      public String[] getExtendedPluginInfo()
      Description copied from interface: IExtendedPluginInfo
      This method returns an array of strings. Each element of the array represents a configurable parameter, or some other meta-info (such as help-token) there is an entry indexed on that parameter name Where: type_info is either 'string', 'number', 'boolean', 'password' or 'choice(ch1,ch2,ch3,...)' If the marker 'required' is included after the type_info, the parameter will has some visually distinctive marking in the UI. 'description' is a short sentence describing the parameter 'choice' is rendered as a drop-down list. The first parameter in the list will be activated by default 'boolean' is rendered as a checkbox. The resulting parameter will be either 'true' or 'false' 'string' allows any characters 'number' allows only numbers 'password' is rendered as a password field (the characters are replaced with *'s when being types. This parameter is not passed through to the plugin. It is instead inserted directly into the password cache keyed on the instance name. The value of the parameter 'bindPWPrompt' (see example below) is set to the key. In addition to the configurable parameters, the following magic parameters may be defined: HELP_TOKEN;helptoken - a pointer to the online manual section for this plugin HELP_TEXT;helptext - a general help string describing the plugin For example: "username;string;The username you wish to login as" "bindPWPrompt;password;Enter password to bind as above user with" "algorithm;choice(RSA,DSA);Which algorithm do you want to use" "enable;boolean;Do you want to run this plugin" "port;number;Which port number do you want to use"
      Specified by:
      getExtendedPluginInfo in interface IExtendedPluginInfo
    • getInstanceParams

      public Vector<String> getInstanceParams()
      Description copied from interface: ILdapPublisher
      Returns the current instance parameters.
      Specified by:
      getInstanceParams in interface ILdapPublisher
    • getDefaultParams

      public Vector<String> getDefaultParams()
      Description copied from interface: ILdapPublisher
      Returns the initial default parameters.
      Specified by:
      getDefaultParams in interface ILdapPublisher
    • getConfigStore

      public ConfigStore getConfigStore()
      Description copied from interface: ILdapPlugin
      Return config store.
      Specified by:
      getConfigStore in interface ILdapPlugin
    • init

      public void init(ConfigStore config) throws EBaseException
      Description copied from interface: ILdapPlugin
      Initialize from config store.
      Specified by:
      init in interface ILdapPlugin
      Parameters:
      config - the configuration store to initialize from.
      Throws:
      ELdapException - initialization failed due to Ldap error.
      EBaseException - initialization failed.
    • publish

      public void publish(netscape.ldap.LDAPConnection conn, String dn, Object certObj) throws ELdapException
      publish a user certificate Adds the cert to the multi-valued certificate attribute as a DER encoded binary blob. Does not check if cert already exists.
      Specified by:
      publish in interface ILdapPublisher
      Parameters:
      conn - the LDAP connection
      dn - dn of the entry to publish the certificate
      certObj - the certificate object.
      Throws:
      ELdapException - publish failed.
    • unpublish

      public void unpublish(netscape.ldap.LDAPConnection conn, String dn, Object certObj) throws ELdapException
      unpublish a user certificate deletes the certificate from the list of certificates. does not check if certificate is already there.
      Specified by:
      unpublish in interface ILdapPublisher
      Parameters:
      conn - the Ldap connection (null for non-LDAP publishing)
      dn - dn of the ldap entry to unpublish cert (null for non-LDAP publishing)
      certObj - object to unpublish (java.security.cert.X509Certificate)
      Throws:
      ELdapException - unpublish failed.
    • ByteValueExists

      public static boolean ByteValueExists(netscape.ldap.LDAPAttribute attr, byte[] bval)
      checks if a byte attribute has a certain value.
    • StringValueExists

      public static boolean StringValueExists(netscape.ldap.LDAPAttribute attr, String sval)
      checks if a attribute has a string value.