public interface UserNameMapper
You can use this interface to map from a certificate to a user name according to whatever scheme is appropriate for your needs. You can also use this interface to map from a X.501 distinguished name to a user name.
To specify an instance of this interface to be used by the default, identity asserter, set the UserNameMapperClassName field on the Default Identity Asserter tab in the Administration Console to the name of a class that implements this interface.
Classes implementing this interface must have a public no-arg constructor.
|Modifier and Type||Method||Description|
Maps a certificate to a username based on a certificate chain presented.
Map a X.501 distinguished name to a username based on the distinguished name attributes and values.
java.lang.String mapCertificateToUserName(java.security.cert.X509Certificate certs, boolean ssl)
certs- certificate chain presented by the client. An array of length at least 1. The first certificate is the leaf (i.e. end user's) certificate. If the length is greater than 1, the array is a certificate chain, with the last element being the root CA.
ssl- true if the certificates to check were presented by the client during a successful two-way SSL handshake.
java.lang.String mapDistinguishedNameToUserName(byte distinguishedName)
distinguishedName- ASN.1 encoding of a X.501 distinguished name.