diff options
Diffstat (limited to 'pki/base/common/src/com/netscape/cms/publish/mappers/LdapCertExactMap.java')
-rw-r--r-- | pki/base/common/src/com/netscape/cms/publish/mappers/LdapCertExactMap.java | 104 |
1 files changed, 48 insertions, 56 deletions
diff --git a/pki/base/common/src/com/netscape/cms/publish/mappers/LdapCertExactMap.java b/pki/base/common/src/com/netscape/cms/publish/mappers/LdapCertExactMap.java index 7ce49748..93fd58ee 100644 --- a/pki/base/common/src/com/netscape/cms/publish/mappers/LdapCertExactMap.java +++ b/pki/base/common/src/com/netscape/cms/publish/mappers/LdapCertExactMap.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.publish.mappers; - import java.security.cert.X509Certificate; import java.util.Locale; import java.util.Vector; @@ -41,11 +40,10 @@ import com.netscape.certsrv.logging.ILogger; import com.netscape.certsrv.publish.ILdapMapper; import com.netscape.certsrv.request.IRequest; - -/** - * Maps a X509 certificate to a LDAP entry by using the subject name - * of the certificate as the LDAP entry DN. - * +/** + * Maps a X509 certificate to a LDAP entry by using the subject name of the + * certificate as the LDAP entry DN. + * * @version $Revision$, $Date$ */ public class LdapCertExactMap implements ILdapMapper, IExtendedPluginInfo { @@ -63,8 +61,7 @@ public class LdapCertExactMap implements ILdapMapper, IExtendedPluginInfo { return mConfig; } - public void init(IConfigStore config) - throws EBaseException { + public void init(IConfigStore config) throws EBaseException { if (mInited == true) return; mConfig = config; @@ -73,11 +70,10 @@ public class LdapCertExactMap implements ILdapMapper, IExtendedPluginInfo { public String[] getExtendedPluginInfo(Locale locale) { String[] params = { - IExtendedPluginInfo.HELP_TOKEN + - ";configuration-ldappublish-mapper-certexactmapper", - IExtendedPluginInfo.HELP_TEXT + - ";Literally uses the subject name of the certificate as the DN to publish to" - }; + IExtendedPluginInfo.HELP_TOKEN + + ";configuration-ldappublish-mapper-certexactmapper", + IExtendedPluginInfo.HELP_TEXT + + ";Literally uses the subject name of the certificate as the DN to publish to" }; return params; } @@ -95,7 +91,7 @@ public class LdapCertExactMap implements ILdapMapper, IExtendedPluginInfo { return v; } - + public Vector getInstanceParams() { Vector v = new Vector(); @@ -103,15 +99,13 @@ public class LdapCertExactMap implements ILdapMapper, IExtendedPluginInfo { } /** - * Finds the entry for the certificate by looking for the cert - * subject name in the subject name attribute. + * Finds the entry for the certificate by looking for the cert subject name + * in the subject name attribute. * * @param conn - the LDAP connection. * @param obj - the X509Certificate. - */ - public String - map(LDAPConnection conn, Object obj) - throws ELdapException { + */ + public String map(LDAPConnection conn, Object obj) throws ELdapException { if (conn == null) return null; @@ -120,40 +114,40 @@ public class LdapCertExactMap implements ILdapMapper, IExtendedPluginInfo { try { X509Certificate cert = (X509Certificate) obj; - subjectDN = - (X500Name) ((X509Certificate) cert).getSubjectDN(); + subjectDN = (X500Name) ((X509Certificate) cert).getSubjectDN(); - CMS.debug("LdapCertExactMap: cert subject dn:" + subjectDN.toString()); + CMS.debug("LdapCertExactMap: cert subject dn:" + + subjectDN.toString()); } catch (ClassCastException e) { try { X509CRLImpl crl = (X509CRLImpl) obj; - subjectDN = - (X500Name) ((X509CRLImpl) crl).getIssuerDN(); + subjectDN = (X500Name) ((X509CRLImpl) crl).getIssuerDN(); - CMS.debug("LdapCertExactMap: crl issuer dn: " + - subjectDN.toString()); - }catch (ClassCastException ex) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("PUBLISH_NOT_SUPPORTED_OBJECT")); + CMS.debug("LdapCertExactMap: crl issuer dn: " + + subjectDN.toString()); + } catch (ClassCastException ex) { + log(ILogger.LL_FAILURE, + CMS.getLogMessage("PUBLISH_NOT_SUPPORTED_OBJECT")); return null; } } try { boolean hasCert = false; boolean hasSubjectName = false; - String[] attrs = new String[] { LDAPv3.NO_ATTRS }; + String[] attrs = new String[] { LDAPv3.NO_ATTRS }; log(ILogger.LL_INFO, "Searching for " + subjectDN.toString()); - LDAPSearchResults results = - conn.search(subjectDN.toString(), LDAPv2.SCOPE_BASE, - "(objectclass=*)", attrs, false); - + LDAPSearchResults results = conn.search(subjectDN.toString(), + LDAPv2.SCOPE_BASE, "(objectclass=*)", attrs, false); + LDAPEntry entry = results.next(); if (results.hasMoreElements()) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("PUBLISH_MORE_THAN_ONE_ENTRY", "", subjectDN.toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("PUBLISH_MORE_THAN_ONE_ENTRY", "", + subjectDN.toString())); } if (entry != null) { log(ILogger.LL_INFO, "entry found"); @@ -165,39 +159,37 @@ public class LdapCertExactMap implements ILdapMapper, IExtendedPluginInfo { // need to intercept this because message from LDAP is // "DSA is unavailable" which confuses with DSA PKI. log(ILogger.LL_FAILURE, - CMS.getLogMessage("PUBLISH_NO_LDAP_SERVER")); - throw new ELdapServerDownException(CMS.getUserMessage("CMS_LDAP_SERVER_UNAVAILABLE", conn.getHost(), "" + conn.getPort())); + CMS.getLogMessage("PUBLISH_NO_LDAP_SERVER")); + throw new ELdapServerDownException(CMS.getUserMessage( + "CMS_LDAP_SERVER_UNAVAILABLE", conn.getHost(), "" + + conn.getPort())); } else { - log(ILogger.LL_FAILURE, CMS.getLogMessage("PUBLISH_DN_MAP_EXCEPTION", e.toString())); - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_NO_MATCH_FOUND", e.toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("PUBLISH_DN_MAP_EXCEPTION", + e.toString())); + throw new ELdapException(CMS.getUserMessage( + "CMS_LDAP_NO_MATCH_FOUND", e.toString())); } } /* - catch (IOException e) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("PUBLISH_CANT_GET_SUBJECT", e.toString())); - throw new ELdapException( - LdapResources.GET_CERT_SUBJECT_DN_FAILED, e); - } - catch (CertificateEncodingException e) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("PUBLISH_CANT_DECODE_CERT", e.toString())); - throw new ELdapException( - LdapResources.GET_DER_ENCODED_CERT_FAILED, e); - } + * catch (IOException e) { log(ILogger.LL_FAILURE, + * CMS.getLogMessage("PUBLISH_CANT_GET_SUBJECT", e.toString())); throw + * new ELdapException( LdapResources.GET_CERT_SUBJECT_DN_FAILED, e); } + * catch (CertificateEncodingException e) { log(ILogger.LL_FAILURE, + * CMS.getLogMessage("PUBLISH_CANT_DECODE_CERT", e.toString())); throw + * new ELdapException( LdapResources.GET_DER_ENCODED_CERT_FAILED, e); } */ } public String map(LDAPConnection conn, IRequest req, Object obj) - throws ELdapException { + throws ELdapException { return map(conn, obj); } private void log(int level, String msg) { - mLogger.log(ILogger.EV_SYSTEM, ILogger.S_LDAP, level, - "LdapCertExactMap: " + msg); + mLogger.log(ILogger.EV_SYSTEM, ILogger.S_LDAP, level, + "LdapCertExactMap: " + msg); } } - |