summaryrefslogtreecommitdiffstats
path: root/pki/base/common/src/com/netscape/cms/publish/mappers/LdapDNCompsMap.java
diff options
context:
space:
mode:
Diffstat (limited to 'pki/base/common/src/com/netscape/cms/publish/mappers/LdapDNCompsMap.java')
-rw-r--r--pki/base/common/src/com/netscape/cms/publish/mappers/LdapDNCompsMap.java156
1 files changed, 78 insertions, 78 deletions
diff --git a/pki/base/common/src/com/netscape/cms/publish/mappers/LdapDNCompsMap.java b/pki/base/common/src/com/netscape/cms/publish/mappers/LdapDNCompsMap.java
index a9df7dae2..e2457b882 100644
--- a/pki/base/common/src/com/netscape/cms/publish/mappers/LdapDNCompsMap.java
+++ b/pki/base/common/src/com/netscape/cms/publish/mappers/LdapDNCompsMap.java
@@ -17,7 +17,6 @@
// --- END COPYRIGHT BLOCK ---
package com.netscape.cms.publish.mappers;
-
import java.io.IOException;
import java.util.Enumeration;
import java.util.Locale;
@@ -46,8 +45,7 @@ import com.netscape.certsrv.ldap.ELdapServerDownException;
import com.netscape.certsrv.logging.ILogger;
import com.netscape.certsrv.publish.ILdapPlugin;
-
-/**
+/**
* Maps a Subject name to an entry in the LDAP server.
* subject name to form the ldap search dn and filter.
* Takes a optional root search dn.
@@ -57,11 +55,11 @@ import com.netscape.certsrv.publish.ILdapPlugin;
* If the baseDN is null and none of the DN comps matched, it is an error.
* If none of the DN comps and filter comps matched, it is an error.
* If just the filter comps is null, a base search is performed.
- *
+ *
* @version $Revision$, $Date$
*/
-public class LdapDNCompsMap
- implements ILdapPlugin, IExtendedPluginInfo {
+public class LdapDNCompsMap
+ implements ILdapPlugin, IExtendedPluginInfo {
//protected String mLdapAttr = null;
protected String mBaseDN = null;
protected ObjectIdentifier[] mDnComps = null;
@@ -71,9 +69,9 @@ public class LdapDNCompsMap
private boolean mInited = false;
protected IConfigStore mConfig = null;
- /**
+ /**
* Constructor.
- *
+ *
* The DN comps are used to form a LDAP entry to begin a subtree search.
* The filter comps are used to form a search filter for the subtree.
* If none of the DN comps matched, baseDN is used for the subtree.
@@ -81,13 +79,13 @@ public class LdapDNCompsMap
* If none of the DN comps and filter comps matched, it is an error.
* If just the filter comps is null, a base search is performed.
*
- * @param baseDN The base DN.
+ * @param baseDN The base DN.
* @param dnComps Components to form the LDAP base dn for search.
* @param filterComps Components to form the LDAP search filter.
*/
- public LdapDNCompsMap(String ldapAttr, String baseDN,
- ObjectIdentifier[] dnComps,
- ObjectIdentifier[] filterComps) {
+ public LdapDNCompsMap(String ldapAttr, String baseDN,
+ ObjectIdentifier[] dnComps,
+ ObjectIdentifier[] filterComps) {
//mLdapAttr = ldapAttr;
init(baseDN, dnComps, filterComps);
}
@@ -102,17 +100,17 @@ public class LdapDNCompsMap
return mConfig;
}
- /**
+ /**
* for initializing from config store.
*/
- public void init(IConfigStore config)
- throws EBaseException {
+ public void init(IConfigStore config)
+ throws EBaseException {
mConfig = config;
String baseDN = mConfig.getString("baseDN");
- ObjectIdentifier[] dnComps =
- getCompsFromString(mConfig.getString("dnComps"));
- ObjectIdentifier[] filterComps =
- getCompsFromString(mConfig.getString("filterComps"));
+ ObjectIdentifier[] dnComps =
+ getCompsFromString(mConfig.getString("dnComps"));
+ ObjectIdentifier[] filterComps =
+ getCompsFromString(mConfig.getString("filterComps"));
init(baseDN, dnComps, filterComps);
}
@@ -131,12 +129,12 @@ public class LdapDNCompsMap
"dnComps;string;Comma-separated list of attributes to put in the DN",
"filterComps;string;Comma-separated list of attributes to form the filter",
IExtendedPluginInfo.HELP_TOKEN +
- ";configuration-ldappublish-mapper-dncompsmapper",
+ ";configuration-ldappublish-mapper-dncompsmapper",
IExtendedPluginInfo.HELP_TEXT +
- ";More complex mapper. Used when there is not enough information " +
- "in the cert request to form the complete LDAP DN. Using this " +
- "plugin, you can specify additional LDAP filters to narrow down the " +
- "search"
+ ";More complex mapper. Used when there is not enough information " +
+ "in the cert request to form the complete LDAP DN. Using this " +
+ "plugin, you can specify additional LDAP filters to narrow down the " +
+ "search"
};
return s;
@@ -163,14 +161,14 @@ public class LdapDNCompsMap
if (mDnComps == null) {
v.addElement("dnComps=");
} else {
- v.addElement("dnComps=" +
- mConfig.getString("dnComps"));
+ v.addElement("dnComps=" +
+ mConfig.getString("dnComps"));
}
if (mFilterComps == null) {
v.addElement("filterComps=");
} else {
- v.addElement("filterComps=" +
- mConfig.getString("filterComps"));
+ v.addElement("filterComps=" +
+ mConfig.getString("filterComps"));
}
} catch (Exception e) {
}
@@ -181,8 +179,8 @@ public class LdapDNCompsMap
* common initialization routine.
*/
protected void init(String baseDN, ObjectIdentifier[] dnComps,
- ObjectIdentifier[] filterComps) {
- if (mInited)
+ ObjectIdentifier[] filterComps) {
+ if (mInited)
return;
mBaseDN = baseDN;
@@ -191,36 +189,36 @@ public class LdapDNCompsMap
if (filterComps != null)
mFilterComps = (ObjectIdentifier[]) filterComps.clone();
- // log debug info.
+ // log debug info.
for (int i = 0; i < mDnComps.length; i++) {
CMS.debug(
- "LdapDNCompsMap: dnComp " + X500NameAttrMap.getDefault().getName(mDnComps[i]));
+ "LdapDNCompsMap: dnComp " + X500NameAttrMap.getDefault().getName(mDnComps[i]));
}
for (int i = 0; i < mFilterComps.length; i++) {
CMS.debug("LdapDNCompsMap: filterComp " +
- X500NameAttrMap.getDefault().getName(mFilterComps[i]));
+ X500NameAttrMap.getDefault().getName(mFilterComps[i]));
}
mInited = true;
}
/**
* Maps a X500 subject name to LDAP entry.
- * Uses DN components and filter components to form a DN and
+ * Uses DN components and filter components to form a DN and
* filter for a LDAP search.
* If the formed DN is null the baseDN will be used.
* If the formed DN is null and baseDN is null an error is thrown.
* If the filter is null a base search is performed.
* If both are null an error is thrown.
*
- * @param conn the LDAP connection.
- * @param x500name the dn to map.
- * @param obj the object
+ * @param conn the LDAP connection.
+ * @param x500name the dn to map.
+ * @param obj the object
* @exception ELdapException if any LDAP exceptions occured.
* @return the DN of the entry.
- */
- public String map(LDAPConnection conn, X500Name x500name,
- byte[] obj)
- throws ELdapException {
+ */
+ public String map(LDAPConnection conn, X500Name x500name,
+ byte[] obj)
+ throws ELdapException {
try {
if (conn == null)
return null;
@@ -240,11 +238,11 @@ public class LdapDNCompsMap
// x500name.toString());
// }
if (mBaseDN == null) {
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("PUBLISH_NO_BASE"));
+ log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("PUBLISH_NO_BASE"));
throw new ELdapException(
- CMS.getUserMessage("CMS_LDAP_NO_DN_COMPS_AND_BASEDN",
- x500name.toString()));
+ CMS.getUserMessage("CMS_LDAP_NO_DN_COMPS_AND_BASEDN",
+ x500name.toString()));
}
dn = mBaseDN;
}
@@ -261,23 +259,23 @@ public class LdapDNCompsMap
attrs = new String[] { LDAPv3.NO_ATTRS };
log(ILogger.LL_INFO, "searching for " + dn + " " + filter + " " +
- ((scope == LDAPv2.SCOPE_SUB) ? "sub" : "base"));
+ ((scope == LDAPv2.SCOPE_SUB) ? "sub" : "base"));
- LDAPSearchResults results =
- conn.search(dn, scope, filter, attrs, false);
+ LDAPSearchResults results =
+ conn.search(dn, scope, filter, attrs, false);
LDAPEntry entry = results.next();
if (results.hasMoreElements()) {
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("PUBLISH_MORE_THAN_ONE_ENTRY", "", x500name.toString()));
- throw new ELdapException(CMS.getUserMessage("CMS_LDAP_MORE_THAN_ONE_ENTRY",
- x500name.toString()));
+ log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("PUBLISH_MORE_THAN_ONE_ENTRY", "", x500name.toString()));
+ throw new ELdapException(CMS.getUserMessage("CMS_LDAP_MORE_THAN_ONE_ENTRY",
+ x500name.toString()));
}
if (entry != null) {
return entry.getDN();
} else {
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("PUBLISH_ENTRY_NOT_FOUND", "", x500name.toString()));
+ log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("PUBLISH_ENTRY_NOT_FOUND", "", x500name.toString()));
throw new ELdapException(CMS.getUserMessage("CMS_LDAP_NO_MATCH_FOUND",
"null entry"));
}
@@ -286,11 +284,11 @@ public class LdapDNCompsMap
// need to intercept this because message from LDAP is
// "DSA is unavailable" which confuses with DSA PKI.
log(ILogger.LL_FAILURE,
- CMS.getLogMessage("PUBLISH_NO_LDAP_SERVER"));
+ CMS.getLogMessage("PUBLISH_NO_LDAP_SERVER"));
throw new ELdapServerDownException(CMS.getUserMessage("CMS_LDAP_SERVER_UNAVAILABLE", conn.getHost(), "" + conn.getPort()));
} else {
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("PUBLISH_DN_MAP_EXCEPTION", "LDAPException", e.toString()));
+ log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("PUBLISH_DN_MAP_EXCEPTION", "LDAPException", e.toString()));
throw new ELdapException(CMS.getUserMessage("CMS_LDAP_NO_MATCH_FOUND", e.toString()));
}
}
@@ -298,15 +296,16 @@ public class LdapDNCompsMap
private void log(int level, String msg) {
mLogger.log(ILogger.EV_SYSTEM, ILogger.S_LDAP, level,
- "LdapDNCompsMap: " + msg);
+ "LdapDNCompsMap: " + msg);
}
/**
* form a dn and filter from component in the cert subject name
+ *
* @param subjName subject name
*/
public String[] formDNandFilter(X500Name subjName)
- throws ELdapException {
+ throws ELdapException {
Vector<RDN> dnRdns = new Vector<RDN>();
SearchFilter filter = new SearchFilter();
X500NameAttrMap attrMap = X500NameAttrMap.getDefault();
@@ -328,16 +327,16 @@ public class LdapDNCompsMap
DerValue val = ava.getValue();
AVA newAVA = new AVA(mailOid, val);
RDN newRDN = new RDN(new AVA[] { newAVA }
- );
+ );
- CMS.debug(
- "LdapDNCompsMap: Converted " + rdn.toLdapDNString() + " to " +
- newRDN.toLdapDNString() + " in DN");
+ CMS.debug(
+ "LdapDNCompsMap: Converted " + rdn.toLdapDNString() + " to " +
+ newRDN.toLdapDNString() + " in DN");
rdn = newRDN;
}
dnRdns.addElement(rdn);
CMS.debug(
- "LdapDNCompsMap: adding dn comp " + rdn.toLdapDNString());
+ "LdapDNCompsMap: adding dn comp " + rdn.toLdapDNString());
break;
}
}
@@ -348,13 +347,13 @@ public class LdapDNCompsMap
AVA newAVA = new AVA(mailOid, val);
CMS.debug(
- "LdapDNCompsMap: Converted " + ava.toLdapDNString() + " to " +
- newAVA.toLdapDNString() + " in filter");
+ "LdapDNCompsMap: Converted " + ava.toLdapDNString() + " to " +
+ newAVA.toLdapDNString() + " in filter");
ava = newAVA;
}
filter.addElement(ava.toLdapDNString());
CMS.debug(
- "LdapDNCompsMap: adding filter comp " + ava.toLdapDNString());
+ "LdapDNCompsMap: adding filter comp " + ava.toLdapDNString());
break;
}
}
@@ -363,14 +362,14 @@ public class LdapDNCompsMap
// return to caller to decide.
if (dnRdns.size() != 0) {
dnStr = new X500Name(dnRdns).toLdapDNString();
- }
+ }
if (filter.size() != 0) {
filterStr = filter.toFilterString();
}
}
} catch (IOException e) {
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("PUBLISH_FROM_SUBJ_TO_DN", e.toString()));
+ log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("PUBLISH_FROM_SUBJ_TO_DN", e.toString()));
throw new ELdapException(CMS.getUserMessage("CMS_LDAP_FORM_DN_COMPS_FAILED", e.toString()));
}
@@ -386,12 +385,13 @@ public class LdapDNCompsMap
}
/**
- * class for forming search filters for ldap searching from
+ * class for forming search filters for ldap searching from
* name=value components. components are anded.
*/
public static class SearchFilter extends Vector<Object> {
private static final long serialVersionUID = 4210302171279891828L;
+
public String toFilterString() {
StringBuffer buf = new StringBuffer();
@@ -412,21 +412,22 @@ public class LdapDNCompsMap
}
/**
- * useful routine for parsing components given as string to
- * arrays of objectidentifiers.
- * The string is expected to be comma separated AVA attribute names.
+ * useful routine for parsing components given as string to
+ * arrays of objectidentifiers.
+ * The string is expected to be comma separated AVA attribute names.
* For example, "uid,cn,o,ou". Attribute names are case insensitive.
+ *
* @param val the string specifying the comps
* @exception ELdapException if any error occurs.
*/
public static ObjectIdentifier[] getCompsFromString(String val)
- throws ELdapException {
+ throws ELdapException {
StringTokenizer tokens;
ObjectIdentifier[] comps;
String attr;
ObjectIdentifier oid;
- if (val == null || val.length() == 0)
+ if (val == null || val.length() == 0)
return new ObjectIdentifier[0];
tokens = new StringTokenizer(val, ", \t\n\r");
@@ -439,7 +440,7 @@ public class LdapDNCompsMap
while (tokens.hasMoreTokens()) {
attr = tokens.nextToken().trim();
// mail -> E hack to look for E in subject names.
- if (attr.equalsIgnoreCase("mail"))
+ if (attr.equalsIgnoreCase("mail"))
attr = "E";
oid = X500NameAttrMap.getDefault().getOid(attr);
if (oid != null) {
@@ -453,4 +454,3 @@ public class LdapDNCompsMap
}
}
-
generated by cgit (git 2.34.1) at 2024-06-30 06:44:03 +0000