Class DNPattern
- java.lang.Object
-
- com.netscape.cms.authentication.DNPattern
-
public class DNPattern extends java.lang.Object
class for parsing a DN pattern used to construct a certificate subject name from ldap attributes and dn.dnpattern is a string representing a subject name pattern to formulate from the directory attributes and entry dn. If empty or not set, the ldap entry DN will be used as the certificate subject name.
The syntax is
dnPattern := rdnPattern *[ "," rdnPattern ] rdnPattern := avaPattern *[ "+" avaPattern ] avaPattern := name "=" value | name "=" "$attr" "." attrName [ "." attrNumber ] | name "=" "$dn" "." attrName [ "." attrNumber ] | "$dn" "." "$rdn" "." number
Example1: E=$attr.mail.1, CN=$attr.cn, OU=$dn.ou.2, O=$dn.o, C=US Ldap entry: dn: UID=jjames, OU=IS, OU=people, O=acme.org Ldap attributes: cn: Jesse James Ldap attributes: mail: jjames@acme.org
The subject name formulated will be :
E=jjames@acme.org, CN=Jesse James, OU=people, O=acme.org, C=USE = the first 'mail' ldap attribute value in user's entry.
CN = the (first) 'cn' ldap attribute value in the user's entry.
OU = the second 'ou' value in the user's entry DN.
O = the (first) 'o' value in the user's entry DN.
C = the string "US"Example2: E=$attr.mail.1, CN=$attr.cn, OU=$dn.ou.2, O=$dn.o, C=US Ldap entry: dn: UID=jjames, OU=IS+OU=people, O=acme.org Ldap attributes: cn: Jesse James Ldap attributes: mail: jjames@acme.org
The subject name formulated will be :
E=jjames@acme.org, CN=Jesse James, OU=people, O=acme.org, C=USE = the first 'mail' ldap attribute value in user's entry.
CN = the (first) 'cn' ldap attribute value in the user's entry.
OU = the second 'ou' value in the user's entry DN. note multiple AVAs in a RDN in this example.
O = the (first) 'o' value in the user's entry DN.
C = the string "US"Example3: CN=$attr.cn, $rdn.2, O=$dn.o, C=US Ldap entry: dn: UID=jjames, OU=IS+OU=people, O=acme.org Ldap attributes: cn: Jesse James Ldap attributes: mail: jjames@acme.org
If an attribute or subject DN component does not exist the attribute is skipped.The subject name formulated will be :
CN=Jesse James, OU=IS+OU=people, O=acme.org, C=USCN = the (first) 'cn' ldap attribute value in the user's entry.
followed by the second RDN in the user's entry DN.
O = the (first) 'o' value in the user's entry DN.
C = the string "US"Example4: CN=$attr.cn, OU=$dn.ou.2+OU=$dn.ou.1, O=$dn.o, C=US Ldap entry: dn: UID=jjames, OU=IS+OU=people, O=acme.org Ldap attributes: cn: Jesse James Ldap attributes: mail: jjames@acme.org
The subject name formulated will be :
CN=Jesse James, OU=people+OU=IS, O=acme.org, C=USCN = the (first) 'cn' ldap attribute value in the user's entry.
OU = the second 'ou' value in the user's entry DN followed by the first 'ou' value in the user's entry. note multiple AVAs in a RDN in this example.
O = the (first) 'o' value in the user's entry DN.
C = the string "US"- Version:
- $Revision$, $Date$
-
-
Field Summary
Fields Modifier and Type Field Description protected java.lang.String
mPatternString
protected com.netscape.cms.authentication.RDNPattern[]
mRDNPatterns
protected java.lang.String
mTestDN
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description java.lang.String
formDN(netscape.ldap.LDAPEntry entry)
Form a Ldap v3 DN string from results of a ldap search.java.lang.String[]
getLdapAttrs()
-
-
-
Constructor Detail
-
DNPattern
public DNPattern(java.lang.String pattern) throws EAuthException
Construct a DN pattern by parsing a pattern string.- Parameters:
pattern
- the DN pattern- Throws:
EBaseException
- If parsing error occurs.EAuthException
-
DNPattern
public DNPattern(java.io.PushbackReader in) throws EAuthException
- Throws:
EAuthException
-
-
Method Detail
-
formDN
public java.lang.String formDN(netscape.ldap.LDAPEntry entry) throws EAuthException
Form a Ldap v3 DN string from results of a ldap search.- Parameters:
entry
- LDAPentry from a ldap search- Returns:
- Ldap v3 DN string to use for a subject name.
- Throws:
EAuthException
-
getLdapAttrs
public java.lang.String[] getLdapAttrs()
-
-