Class DNPattern
- java.lang.Object
-
- com.netscape.cms.authentication.DNPattern
-
public class DNPattern extends java.lang.Objectclass for parsing a DN pattern used to construct a certificate subject name from ldap attributes and dn.dnpattern is a string representing a subject name pattern to formulate from the directory attributes and entry dn. If empty or not set, the ldap entry DN will be used as the certificate subject name.
The syntax is
dnPattern := rdnPattern *[ "," rdnPattern ] rdnPattern := avaPattern *[ "+" avaPattern ] avaPattern := name "=" value | name "=" "$attr" "." attrName [ "." attrNumber ] | name "=" "$dn" "." attrName [ "." attrNumber ] | "$dn" "." "$rdn" "." numberExample1: E=$attr.mail.1, CN=$attr.cn, OU=$dn.ou.2, O=$dn.o, C=US Ldap entry: dn: UID=jjames, OU=IS, OU=people, O=acme.org Ldap attributes: cn: Jesse James Ldap attributes: mail: jjames@acme.org
The subject name formulated will be :
E=jjames@acme.org, CN=Jesse James, OU=people, O=acme.org, C=USE = the first 'mail' ldap attribute value in user's entry.
CN = the (first) 'cn' ldap attribute value in the user's entry.
OU = the second 'ou' value in the user's entry DN.
O = the (first) 'o' value in the user's entry DN.
C = the string "US"Example2: E=$attr.mail.1, CN=$attr.cn, OU=$dn.ou.2, O=$dn.o, C=US Ldap entry: dn: UID=jjames, OU=IS+OU=people, O=acme.org Ldap attributes: cn: Jesse James Ldap attributes: mail: jjames@acme.org
The subject name formulated will be :
E=jjames@acme.org, CN=Jesse James, OU=people, O=acme.org, C=USE = the first 'mail' ldap attribute value in user's entry.
CN = the (first) 'cn' ldap attribute value in the user's entry.
OU = the second 'ou' value in the user's entry DN. note multiple AVAs in a RDN in this example.
O = the (first) 'o' value in the user's entry DN.
C = the string "US"Example3: CN=$attr.cn, $rdn.2, O=$dn.o, C=US Ldap entry: dn: UID=jjames, OU=IS+OU=people, O=acme.org Ldap attributes: cn: Jesse James Ldap attributes: mail: jjames@acme.org
If an attribute or subject DN component does not exist the attribute is skipped.The subject name formulated will be :
CN=Jesse James, OU=IS+OU=people, O=acme.org, C=USCN = the (first) 'cn' ldap attribute value in the user's entry.
followed by the second RDN in the user's entry DN.
O = the (first) 'o' value in the user's entry DN.
C = the string "US"Example4: CN=$attr.cn, OU=$dn.ou.2+OU=$dn.ou.1, O=$dn.o, C=US Ldap entry: dn: UID=jjames, OU=IS+OU=people, O=acme.org Ldap attributes: cn: Jesse James Ldap attributes: mail: jjames@acme.org
The subject name formulated will be :
CN=Jesse James, OU=people+OU=IS, O=acme.org, C=USCN = the (first) 'cn' ldap attribute value in the user's entry.
OU = the second 'ou' value in the user's entry DN followed by the first 'ou' value in the user's entry. note multiple AVAs in a RDN in this example.
O = the (first) 'o' value in the user's entry DN.
C = the string "US"- Version:
- $Revision$, $Date$
-
-
Field Summary
Fields Modifier and Type Field Description protected java.lang.StringmPatternStringprotected com.netscape.cms.authentication.RDNPattern[]mRDNPatternsprotected java.lang.StringmTestDN
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description java.lang.StringformDN(netscape.ldap.LDAPEntry entry)Form a Ldap v3 DN string from results of a ldap search.java.lang.String[]getLdapAttrs()
-
-
-
Constructor Detail
-
DNPattern
public DNPattern(java.lang.String pattern) throws EAuthExceptionConstruct a DN pattern by parsing a pattern string.- Parameters:
pattern- the DN pattern- Throws:
EBaseException- If parsing error occurs.EAuthException
-
DNPattern
public DNPattern(java.io.PushbackReader in) throws EAuthException- Throws:
EAuthException
-
-
Method Detail
-
formDN
public java.lang.String formDN(netscape.ldap.LDAPEntry entry) throws EAuthExceptionForm a Ldap v3 DN string from results of a ldap search.- Parameters:
entry- LDAPentry from a ldap search- Returns:
- Ldap v3 DN string to use for a subject name.
- Throws:
EAuthException
-
getLdapAttrs
public java.lang.String[] getLdapAttrs()
-
-