Class MapDNPattern


  • public class MapDNPattern
    extends java.lang.Object
    Class for parsing a DN pattern used to construct an LDAP DN from request attributes and the certificate subject name.

    dnpattern is a string representing an LDAP DN pattern to formulate from the certificate subject name attributes and request attributes. If empty or not set, the certificate subject name will be used as the LDAP DN.

    The syntax is

            dnPattern  := rdnPattern *[ "," rdnPattern ]
            rdnPattern := avaPattern *[ "+" avaPattern ]
            avaPattern := name "=" value |
                          name "=" "$subj" "." attrName [ "." attrNumber ] |
                          name "=" "$req" "." attrName [ "." attrNumber ] |
                          "$rdn" "." number
     
     Example1: cn=Certificate Manager,ou=people,o=mcom.com
     cert subject name: dn:  CN=Certificate Manager, OU=people, O=mcom.com
     request attributes: uid: cmanager
     

    The dn formulated will be :
    CN=Certificate Manager, OU=people, O=mcom.com

    Note: Subordinate CA enrollment will use the CA mapper. Use a predicate to distinguish the CA itself from the subordinates.

     Example2: UID=$req.HTTP_PARAMS.uid, OU=$subj.ou, O=people, , O=mcom.com
     cert subject name: dn: UID=jjames, OU=IS, O=people, , O=mcom.com
     request attributes: uid: cmanager

    The dn formulated will be :
    UID=jjames, OU=IS, OU=people, O=mcom.com

    UID = the 'uid' attribute value in the request.
    OU = the 'ou' value in the cert subject name.
    O = the string people, mcom.com.

    If a request attribute or subject DN component does not exist, the attribute is skipped. There is a potential risk that the entry will be mapped to a wrong DN.
    Version:
    $Revision$, $Date$
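
    The skip behaviour described above, as an added example that is not Dogtag's own code: a simplified model of the avaPattern rules that shows how a missing request attribute silently yields a different DN, next to a strict variant that rejects the mapping. DnPatternSketch, resolveAva and the strict flag are hypothetical, the inputs are constructed, "$rdn" patterns are not modelled, and treating a trailing all-digit segment as attrNumber is an assumption.

```java
import java.util.*;

// Added sketch: a simplified model of the avaPattern rules, not the Dogtag implementation.
public class DnPatternSketch {
    // Resolve one "name=value" AVA; returns null when a referenced attribute is missing.
    static String resolveAva(String ava, Map<String, List<String>> subj,
                             Map<String, List<String>> req) {
        int eq = ava.indexOf('=');
        if (eq < 0) throw new IllegalArgumentException("unsupported AVA: " + ava);
        String name = ava.substring(0, eq).trim();
        String value = ava.substring(eq + 1).trim();
        Map<String, List<String>> src =
            value.startsWith("$subj.") ? subj : value.startsWith("$req.") ? req : null;
        if (src == null) return name + "=" + value;          // literal value
        String attr = value.substring(value.indexOf('.') + 1);
        int index = 0, dot = attr.lastIndexOf('.');
        // Assumption: a trailing all-digit segment is the optional attrNumber.
        if (dot > 0 && attr.substring(dot + 1).matches("\\d+")) {
            index = Integer.parseInt(attr.substring(dot + 1));
            attr = attr.substring(0, dot);
        }
        List<String> values = src.getOrDefault(attr, List.of());
        return index < values.size() ? name + "=" + values.get(index) : null;
    }

    // strict=false mirrors the documented skip; strict=true rejects the mapping instead.
    static String formDN(String pattern, Map<String, List<String>> subj,
                         Map<String, List<String>> req, boolean strict) {
        List<String> rdns = new ArrayList<>();
        for (String rdn : pattern.split(",")) {
            List<String> avas = new ArrayList<>();
            for (String ava : rdn.split("\\+")) {
                String resolved = resolveAva(ava, subj, req);
                if (resolved != null) avas.add(resolved);
                else if (strict) throw new IllegalStateException("unresolved: " + ava.trim());
            }
            if (!avas.isEmpty()) rdns.add(String.join("+", avas));
        }
        return String.join(", ", rdns);
    }

    public static void main(String[] args) {
        // Constructed inputs: the request carries no uid parameter.
        String pattern = "UID=$req.HTTP_PARAMS.uid, OU=$subj.ou, O=people, O=mcom.com";
        Map<String, List<String>> subj = Map.of("ou", List.of("IS"));
        Map<String, List<String>> req = Map.of();
        System.out.println(formDN(pattern, subj, req, false)); // UID dropped: container DN
        formDN(pattern, subj, req, true);                      // throws IllegalStateException
    }
}
```

    With the UID component skipped, the result names the parent container rather than a user entry, which is the wrong-DN risk noted above; validating that every referenced attribute resolved before publishing closes that gap.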
    • Field Summary

      Fields 
      Modifier and Type Field Description
      static org.slf4j.Logger logger  
      protected java.lang.String[] mCertAttrs  
      protected java.lang.String mPatternString  
      protected com.netscape.cms.publish.mappers.MapRDNPattern[] mRDNPatterns  
      protected java.lang.String[] mReqAttrs  
      protected java.lang.String mTestDN  
    • Constructor Summary

      Constructors 
      Constructor Description
      MapDNPattern​(java.io.PushbackReader in)  
      MapDNPattern​(java.lang.String pattern)
      Construct a DN pattern by parsing a pattern string.
    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      java.lang.String formDN​(IRequest req, org.mozilla.jss.netscape.security.x509.X500Name subject, org.mozilla.jss.netscape.security.x509.CertificateExtensions ext)
      Form an LDAP v3 DN string from a request and a cert subject name.
      java.lang.String[] getCertAttrs()  
      java.lang.String[] getReqAttrs()  
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Field Detail

      • logger

        public static org.slf4j.Logger logger
      • mReqAttrs

        protected java.lang.String[] mReqAttrs
      • mCertAttrs

        protected java.lang.String[] mCertAttrs
      • mRDNPatterns

        protected com.netscape.cms.publish.mappers.MapRDNPattern[] mRDNPatterns
      • mPatternString

        protected java.lang.String mPatternString
      • mTestDN

        protected java.lang.String mTestDN
    • Constructor Detail

      • MapDNPattern

        public MapDNPattern​(java.lang.String pattern)
                     throws ELdapException
        Construct a DN pattern by parsing a pattern string.
        Parameters:
        pattern - the DN pattern
        Throws:
        EBaseException - If a parsing error occurs.
        ELdapException
    • Method Detail

      • formDN

        public java.lang.String formDN​(IRequest req,
                                       org.mozilla.jss.netscape.security.x509.X500Name subject,
                                       org.mozilla.jss.netscape.security.x509.CertificateExtensions ext)
                                throws ELdapException
        Form an LDAP v3 DN string from a request and a cert subject name.
        Parameters:
        req - the request for (un)publish
        subject - the subjectDN of the certificate
        Returns:
        LDAP v3 DN string to use for the base LDAP search.
        Throws:
        ELdapException
      • getReqAttrs

        public java.lang.String[] getReqAttrs()
      • getCertAttrs

        public java.lang.String[] getCertAttrs()