The Certificate-Mapping API consists of data structures and functions used to manage certificate mapping.
When a user authenticates to the Web Server by sending a client certificate, the server uses information in the certificate to search the user directory for the user’s entry.
You can configure some parts of this process by editing the certmap.conf file. This file specifies the following:
Instructs the server searches the directory for the user’s entry.
Determines whether the server goes through an additional step of verifying that the user’s certificate matches the certificate presented to the server.
For more information about certmap.conf, see the Sun Java System Web Server 7.0 Update 4 Administrator’s Configuration File Reference.
You can also modify this process programmatically. Web Server includes a set of API functions, the Certificate-Mapping API functions that enable you to control this process. You can write your own functions to customize how certificate subject entries are found in the directory.
To use this API, you must have a copy of the Directory SDK. You can download a copy of this SDK from http://developers.sun.com/index.html.