com.netscape.cms.publish.mappers

Class MapDNPattern

java.lang.Object

com.netscape.cms.publish.mappers.MapDNPattern

public class MapDNPattern
extends java.lang.Object

class for parsing a DN pattern used to construct a ldap dn from request attributes and cert subject name.

dnpattern is a string representing a ldap dn pattern to formulate from the certificate subject name attributes and request attributes . If empty or not set, the certificate subject name will be used as the ldap dn.

The syntax is

        dnPattern := rdnPattern *[ "," rdnPattern ]
        rdnPattern := avaPattern *[ "+" avaPattern ]
                avaPattern := name "=" value |
                              name "=" "$subj" "." attrName [ "." attrNumber ] |
                              name "=" "$req" "." attrName [ "." attrNumber ] |
                          "$rdn" "." number
 

 Example1: cn=Certificate Manager,ou=people,o=mcom.com
 cert subject name: dn:  CN=Certificate Manager, OU=people, O=mcom.com
 request attributes: uid: cmanager
 

 The dn formulated will be : 

     CN=Certificate Manager, OU=people, O=mcom.com
 

 note: Subordinate ca enrollment will use ca mapper. Use predicate
 to distinguish the ca itself and the subordinates.

 Example2: UID=$req.HTTP_PARAMS.uid, OU=$subj.ou, O=people, , O=mcom.com
 cert subject name: dn:  UID=jjames, OU=IS, O=people, , O=mcom.com
 request attributes: uid: cmanager
 

 The dn formulated will be : 

     UID=jjames, OU=IS, OU=people, O=mcom.com
 

     UID = the 'uid' attribute value in the request. 

     OU = the 'ou' value in the cert subject name.  

     O = the string people, mcom.com. 

 

 

If an request attribute or subject DN component does not exist, the attribute is skipped. There is potential risk that a wrong dn will be mapped into.

Version:

$Revision$, $Date$

Field Summary

Fields

Modifier and Type	Field and Description
protected java.lang.String[]	mCertAttrs
protected java.lang.String	mPatternString
protected com.netscape.cms.publish.mappers.MapRDNPattern[]	mRDNPatterns
protected java.lang.String[]	mReqAttrs
protected java.lang.String	mTestDN

Constructor Summary

Constructors

Constructor and Description
MapDNPattern(java.io.PushbackReader in)
MapDNPattern(java.lang.String pattern) Construct a DN pattern by parsing a pattern string.

Method Summary

Modifier and Type	Method and Description
java.lang.String	formDN(IRequest req, netscape.security.x509.X500Name subject, netscape.security.x509.CertificateExtensions ext) Form a Ldap v3 DN string from a request and a cert subject name.
java.lang.String[]	getCertAttrs()
java.lang.String[]	getReqAttrs()

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

mReqAttrs

protected java.lang.String[] mReqAttrs

mCertAttrs

protected java.lang.String[] mCertAttrs

mRDNPatterns

protected com.netscape.cms.publish.mappers.MapRDNPattern[] mRDNPatterns

mPatternString

protected java.lang.String mPatternString

mTestDN

protected java.lang.String mTestDN

Constructor Detail

MapDNPattern

public MapDNPattern(java.lang.String pattern)
             throws ELdapException

Construct a DN pattern by parsing a pattern string.

Parameters:

pattern - the DN pattern

Throws:

EBaseException - If parsing error occurs.

ELdapException

MapDNPattern

public MapDNPattern(java.io.PushbackReader in)
             throws ELdapException

Throws:

ELdapException

Method Detail

formDN

public java.lang.String formDN(IRequest req,
                               netscape.security.x509.X500Name subject,
                               netscape.security.x509.CertificateExtensions ext)
                        throws ELdapException

Form a Ldap v3 DN string from a request and a cert subject name.

Parameters:

req - the request for (un)publish

subject - the subjectDN of the certificate

Returns:

Ldap v3 DN string to use for base ldap search.

Throws:

ELdapException

getReqAttrs

public java.lang.String[] getReqAttrs()

getCertAttrs

public java.lang.String[] getCertAttrs()