Examples of SubjectAttributeToUserAttributeCertificateMapperCfg

   * {@inheritDoc}
   */
  public Entry mapCertificateToUser(Certificate[] certificateChain)
         throws DirectoryException
  {
    SubjectAttributeToUserAttributeCertificateMapperCfg config =
         currentConfig;
    LinkedHashMap<String,AttributeType> attributeMap = this.attributeMap;




    // Make sure that a peer certificate was provided.
    if ((certificateChain == null) || (certificateChain.length == 0))
    {
      Message message = ERR_SATUACM_NO_PEER_CERTIFICATE.get();
      throw new DirectoryException(ResultCode.INVALID_CREDENTIALS, message);
    }




    // Get the first certificate in the chain.  It must be an X.509 certificate.
    X509Certificate peerCertificate;
    try
    {
      peerCertificate = (X509Certificate) certificateChain[0];
    }
    catch (Exception e)
    {
      if (debugEnabled())
      {
        TRACER.debugCaught(DebugLogLevel.ERROR, e);
      }


      Message message = ERR_SATUACM_PEER_CERT_NOT_X509.get(
          String.valueOf(certificateChain[0].getType()));
      throw new DirectoryException(ResultCode.INVALID_CREDENTIALS, message);
    }




    // Get the subject from the peer certificate and use it to create a search
    // filter.
    DN peerDN;
    X500Principal peerPrincipal = peerCertificate.getSubjectX500Principal();
    String peerName = peerPrincipal.getName(X500Principal.RFC2253);
    try
    {
      peerDN = DN.decode(peerName);
    }
    catch (DirectoryException de)
    {
      Message message = ERR_SATUACM_CANNOT_DECODE_SUBJECT_AS_DN.get(
          peerName, de.getMessageObject());
      throw new DirectoryException(ResultCode.INVALID_CREDENTIALS, message,
                                   de);
    }


    LinkedList<SearchFilter> filterComps = new LinkedList<SearchFilter>();
    for (int i=0; i < peerDN.getNumComponents(); i++)
    {
      RDN rdn = peerDN.getRDN(i);
      for (int j=0; j < rdn.getNumValues(); j++)
      {
        String lowerName = toLowerCase(rdn.getAttributeName(j));
        AttributeType attrType = attributeMap.get(lowerName);
        if (attrType != null)
        {
          filterComps.add(SearchFilter.createEqualityFilter(attrType,
                                            rdn.getAttributeValue(j)));
        }
      }
    }


    if (filterComps.isEmpty())
    {
      Message message = ERR_SATUACM_NO_MAPPABLE_ATTRIBUTES.get(peerName);
      throw new DirectoryException(ResultCode.INVALID_CREDENTIALS, message);
    }


    SearchFilter filter = SearchFilter.createANDFilter(filterComps);




    // If we have an explicit set of base DNs, then use it.  Otherwise, use the
    // set of public naming contexts in the server.
    Collection<DN> baseDNs = config.getUserBaseDN();
    if ((baseDNs == null) || baseDNs.isEmpty())
    {
      baseDNs = DirectoryServer.getPublicNamingContexts().keySet();
    }

        expectedExceptions = { ConfigException.class,
                               InitializationException.class })
  public void testInvalidConfigs(Entry e)
         throws Exception
  {
    SubjectAttributeToUserAttributeCertificateMapperCfg config =
       AdminTestCaseUtils.getConfiguration(
       SubjectAttributeToUserAttributeCertificateMapperCfgDefn.
            getInstance(), e);


    SubjectAttributeToUserAttributeCertificateMapper mapper =

Examples of SubjectAttributeToUserAttributeCertificateMapperCfg

Examples of org.nasutekds.server.admin.std.server.SubjectAttributeToUserAttributeCertificateMapperCfg

Examples of org.nasutekds.server.admin.std.server.SubjectAttributeToUserAttributeCertificateMapperCfg

Examples of org.nasutekds.server.admin.std.server.SubjectAttributeToUserAttributeCertificateMapperCfg