org.jasig.cas.adaptors.x509.authentication.principal
Class X509CertificateCredentialsToSerialNumberAndIssuerDNPrincipalResolver

java.lang.Object
  extended by org.jasig.cas.authentication.principal.AbstractPersonDirectoryCredentialsToPrincipalResolver
      extended by org.jasig.cas.adaptors.x509.authentication.principal.AbstractX509CertificateCredentialsToPrincipalResolver
          extended by org.jasig.cas.adaptors.x509.authentication.principal.X509CertificateCredentialsToSerialNumberAndIssuerDNPrincipalResolver
All Implemented Interfaces:
CredentialsToPrincipalResolver

public final class X509CertificateCredentialsToSerialNumberAndIssuerDNPrincipalResolver
extends AbstractX509CertificateCredentialsToPrincipalResolver

This class is targeted at usage for mapping to an existing user record. It can construct a highly-likely unique DN based on a certificate's serialnumber and its issuerDN.

Example: SERIALNUMBER=20267647332258882251479793556682961758, SERIALNUMBER=200301, CN=Citizen CA, C=BE

See RFC3280.

The combination of a certificate serial number and the issuerDN *should* be unique:
- The certificate serialNumber is by its nature unique for a certain issuer.
- The issuerDN is RECOMMENDED to be unique.

Both the serial number and the issuerDN are REQUIRED in a certificate.

Note: comparison rules state the compare should be case-insensitive.

LDAP value description: EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 [=distinguishedName]

Since:
3.1
Version:
$Revision: 19533 $ $Date: 2009-12-14 23:33:36 -0500 (Mon, 14 Dec 2009) $
Author:
Jan Van der Velpen
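
The following is an added example, not code from the CAS project. It assumes the principal id is the serial number prefix, the decimal serial number, the value delimiter and the issuer DN joined in that order, as the example string above suggests, and it uses the JDK's `javax.naming.ldap.LdapName` as a stand-in for the case-insensitive distinguishedNameMatch rule when comparing against a stored user record. The class name, helper methods and the stored record value are hypothetical.

```java
import java.math.BigInteger;
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;

public class SerialAndIssuerDnExample {
    // Defaults documented for setSerialNumberPrefix and setValueDelimiter.
    static final String SERIAL_NUMBER_PREFIX = "SERIALNUMBER=";
    static final String VALUE_DELIMITER = ", ";

    // Assumed composition: prefix + decimal serial + delimiter + issuer DN.
    static String principalId(BigInteger serial, String issuerDn) {
        return SERIAL_NUMBER_PREFIX + serial.toString() + VALUE_DELIMITER + issuerDn;
    }

    // DN-aware comparison: LdapName ignores the case of attribute types and
    // values and tolerates optional spaces after the RDN separators.
    static boolean sameDn(String a, String b) throws InvalidNameException {
        return new LdapName(a).equals(new LdapName(b));
    }

    public static void main(String[] args) throws InvalidNameException {
        // Serial number and issuer DN taken from the example on this page.
        BigInteger serial = new BigInteger("20267647332258882251479793556682961758");
        String issuerDn = "SERIALNUMBER=200301, CN=Citizen CA, C=BE";
        String id = principalId(serial, issuerDn);
        System.out.println("principal id: " + id);

        // Constructed user-record value: same DN, different case and spacing.
        String stored = "serialnumber=20267647332258882251479793556682961758,"
                + "serialnumber=200301,cn=citizen ca,c=be";

        // Exact string comparison versus DN comparison for the same identity.
        System.out.println("String.equals: " + id.equals(stored));
        System.out.println("DN match:      " + sameDn(id, stored));

        // Same serial number under a different (constructed) issuer DN:
        // the serial number alone does not identify the certificate.
        String otherId = principalId(serial, "CN=Other CA, C=BE");
        System.out.println("other issuer:  " + sameDn(otherId, stored));
    }
}
```

If the prefix or delimiter is changed through the setters, the resulting string may no longer parse as a DN, and the stored value then has to be matched in whatever form the user record uses.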

Field Summary
 
Fields inherited from class org.jasig.cas.authentication.principal.AbstractPersonDirectoryCredentialsToPrincipalResolver
log
 
Constructor Summary
X509CertificateCredentialsToSerialNumberAndIssuerDNPrincipalResolver()
           
 
Method Summary
protected  String resolvePrincipalInternal(X509Certificate certificate)
           
 void setSerialNumberPrefix(String serialNumberPrefix)
          Sets a prefix for the certificate serialnumber (default: "SERIALNUMBER=")
 void setValueDelimiter(String valueDelimiter)
          Sets a delimiter to separate the two certificate properties in the string (default: ", ")
 
Methods inherited from class org.jasig.cas.adaptors.x509.authentication.principal.AbstractX509CertificateCredentialsToPrincipalResolver
extractPrincipalId, supports
 
Methods inherited from class org.jasig.cas.authentication.principal.AbstractPersonDirectoryCredentialsToPrincipalResolver
resolvePrincipal, setAttributeRepository, setReturnNullIfNoAttributes
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

X509CertificateCredentialsToSerialNumberAndIssuerDNPrincipalResolver

public X509CertificateCredentialsToSerialNumberAndIssuerDNPrincipalResolver()

Method Detail

setSerialNumberPrefix

public void setSerialNumberPrefix(String serialNumberPrefix)
Sets a prefix for the certificate serialnumber (default: "SERIALNUMBER=")

Parameters:
serialNumberPrefix - The serialNumberPrefix to set.

setValueDelimiter

public void setValueDelimiter(String valueDelimiter)
Sets a delimiter to separate the two certificate properties in the string (default: ", ")

Parameters:
valueDelimiter - The valueDelimiter to set.

resolvePrincipalInternal

protected String resolvePrincipalInternal(X509Certificate certificate)
Specified by:
resolvePrincipalInternal in class AbstractX509CertificateCredentialsToPrincipalResolver


Copyright © 2004-2010 Jasig. All Rights Reserved.