Package org.opends.server.extensions
Class SubjectEqualsDNCertificateMapper
java.lang.Object
org.opends.server.api.CertificateMapper<SubjectEqualsDnCertificateMapperCfg>
org.opends.server.extensions.SubjectEqualsDNCertificateMapper
- All Implemented Interfaces:
ConfigurationChangeListener<SubjectEqualsDnCertificateMapperCfg>
public final class SubjectEqualsDNCertificateMapper
extends CertificateMapper<SubjectEqualsDnCertificateMapperCfg>
This class implements a very simple Directory Server certificate mapper that will map a certificate to a user only if
the subject of the peer certificate exactly matches the DN of a user in the Directory Server.
-
Constructor Summary
ConstructorsConstructorDescriptionCreates a new instance of this certificate mapper. -
Method Summary
Modifier and TypeMethodDescriptionprotected ConfigChangeResultapplyConfigurationChange0(SubjectEqualsDnCertificateMapperCfg configuration) Implements certificate mapper specific actions when updating the configuration.voidPerforms any finalization that may be necessary for this certificate mapper.protected voidinitializeCertificateMapper0(SubjectEqualsDnCertificateMapperCfg configuration) Implements certificate mapper specific actions when initializing the certificate mapper.mapCertificateToUser0(Certificate[] certificateChain) Establishes a mapping between the information in the provided certificate chain to the DN of a single user in the Directory Server.Methods inherited from class org.opends.server.api.CertificateMapper
applyConfigurationChange, getServerContext, initializeCertificateMapper, isConfigurationAcceptable, isConfigurationChangeAcceptable, mapCertificateToUser, setServerContext
-
Constructor Details
-
SubjectEqualsDNCertificateMapper
public SubjectEqualsDNCertificateMapper()Creates a new instance of this certificate mapper. Note that all actual initialization should be done in theinitializeCertificateMappermethod.
-
-
Method Details
-
initializeCertificateMapper0
Description copied from class:CertificateMapperImplements certificate mapper specific actions when initializing the certificate mapper.- Specified by:
initializeCertificateMapper0in classCertificateMapper<SubjectEqualsDnCertificateMapperCfg>- Parameters:
configuration- The configuration that should be used to initialize this certificate mapper.
-
mapCertificateToUser0
Establishes a mapping between the information in the provided certificate chain to the DN of a single user in the Directory Server.- Specified by:
mapCertificateToUser0in classCertificateMapper<SubjectEqualsDnCertificateMapperCfg>- Parameters:
certificateChain- The certificate chain presented by the client during SSL negotiation. The peer certificate will be listed first, followed by the ordered issuer chain as appropriate.- Returns:
- The DN of the one user to whom the mapping was established, or
nullif no mapping was established and no special message is required to send back to the client. - Throws:
LdapException- If a problem occurred while attempting to establish the mapping. This may include internal failures, a mapping which matches multiple users, or any other case in which an error message should be returned to the client.
-
applyConfigurationChange0
protected ConfigChangeResult applyConfigurationChange0(SubjectEqualsDnCertificateMapperCfg configuration) Description copied from class:CertificateMapperImplements certificate mapper specific actions when updating the configuration.- Specified by:
applyConfigurationChange0in classCertificateMapper<SubjectEqualsDnCertificateMapperCfg>- Parameters:
configuration- the new configuration to use- Returns:
- the result of applying the new configuration
-
finalizeCertificateMapper
public void finalizeCertificateMapper()Description copied from class:CertificateMapperPerforms any finalization that may be necessary for this certificate mapper. By default, no finalization is performed.- Overrides:
finalizeCertificateMapperin classCertificateMapper<SubjectEqualsDnCertificateMapperCfg>
-