org.opends.server.extensions

Class FingerprintCertificateMapper

java.lang.Object

org.opends.server.api.CertificateMapper<FingerprintCertificateMapperCfg>

org.opends.server.extensions.FingerprintCertificateMapper

All Implemented Interfaces:

ConfigurationChangeListener<FingerprintCertificateMapperCfg>

public class FingerprintCertificateMapper
extends CertificateMapper<FingerprintCertificateMapperCfg>

This class implements a very simple Directory Server certificate mapper that will map a certificate to a user only if that user's entry contains an attribute with the fingerprint of the client certificate. There must be exactly one matching user entry for the mapping to be successful.

Constructor Summary

Constructors

Constructor and Description
FingerprintCertificateMapper()

Method Summary

Modifier and Type	Method and Description
protected ConfigChangeResult	applyConfigurationChange0(FingerprintCertificateMapperCfg configuration) Implements certificate mapper specific actions when updating the configuration.
void	finalizeCertificateMapper() Performs any finalization that may be necessary for this certificate mapper.
protected void	initializeCertificateMapper0(FingerprintCertificateMapperCfg configuration) Implements certificate mapper specific actions when initializing the certificate mapper.
protected Entry	mapCertificateToUser0(Certificate[] certificateChain) Implements certificate mapper specific logic for mapping the provided certificate to a user entry.

Methods inherited from class org.opends.server.api.CertificateMapper

applyConfigurationChange, initializeCertificateMapper, isConfigurationAcceptable, isConfigurationChangeAcceptable, mapCertificateToUser

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

FingerprintCertificateMapper

public FingerprintCertificateMapper()

Method Detail

initializeCertificateMapper0

protected void initializeCertificateMapper0(FingerprintCertificateMapperCfg configuration)

Description copied from class: CertificateMapper

Implements certificate mapper specific actions when initializing the certificate mapper.

Specified by:

initializeCertificateMapper0 in class CertificateMapper<FingerprintCertificateMapperCfg>

Parameters:

configuration - The configuration that should be used to intialize this certificate mapper.

finalizeCertificateMapper

public void finalizeCertificateMapper()

Description copied from class: CertificateMapper

Performs any finalization that may be necessary for this certificate mapper. By default, no finalization is performed.

Overrides:

finalizeCertificateMapper in class CertificateMapper<FingerprintCertificateMapperCfg>

mapCertificateToUser0

protected Entry mapCertificateToUser0(Certificate[] certificateChain)
                               throws LdapException

Description copied from class: CertificateMapper

Implements certificate mapper specific logic for mapping the provided certificate to a user entry.

Specified by:

mapCertificateToUser0 in class CertificateMapper<FingerprintCertificateMapperCfg>

Parameters:

certificateChain - The certificate chain presented by the client during SSL negotiation. The peer certificate will be listed first, followed by the ordered issuer chain as appropriate.

Returns:

The entry for the user to whom the mapping was established, or null if no mapping was established and no special message is required to send back to the client.

Throws:

LdapException - If a problem occurred while attempting to establish the mapping. This may include internal failures, a mapping which matches multiple users, or any other case in which an error message should be returned to the client.

applyConfigurationChange0

protected ConfigChangeResult applyConfigurationChange0(FingerprintCertificateMapperCfg configuration)

Description copied from class: CertificateMapper

Implements certificate mapper specific actions when updating the configuration.

Specified by:

applyConfigurationChange0 in class CertificateMapper<FingerprintCertificateMapperCfg>

Parameters:

configuration - the new configuration to use

Returns:

the result of applying the new configuration