Line | |
---|
1 | package gov.va.med.edp.weblogic;
|
---|
2 |
|
---|
3 |
|
---|
4 | import java.security.cert.X509Certificate;
|
---|
5 |
|
---|
6 | import org.apache.log4j.Logger;
|
---|
7 |
|
---|
8 | import weblogic.security.providers.authentication.UserNameMapper;
|
---|
9 |
|
---|
10 | public class EDPUserNameMapper implements UserNameMapper {
|
---|
11 |
|
---|
12 |
|
---|
13 | private static Logger logger = Logger.getLogger(EDPUserNameMapper.class);
|
---|
14 |
|
---|
15 | public String mapCertificateToUserName(X509Certificate[] certs, boolean ssl) {
|
---|
16 | String machineName = "";
|
---|
17 |
|
---|
18 |
|
---|
19 | if (certs.length > 0) {
|
---|
20 | String dn = certs[0].getSubjectDN().getName();
|
---|
21 | if (logger.isDebugEnabled()){
|
---|
22 | logger.debug("Certificate Contents: " + dn);
|
---|
23 | }
|
---|
24 | String[] parts = dn.split(",");
|
---|
25 | for (int i = 0; i < parts.length; i++) {
|
---|
26 | String dName = parts[i];
|
---|
27 | if (dName.indexOf("CN=") != -1){
|
---|
28 | machineName = dName.trim().substring(3);
|
---|
29 | }
|
---|
30 |
|
---|
31 | if (machineName.length() == 0){
|
---|
32 | throw new IllegalStateException("Machine Name obtained from the client SSL Certificate is not valid. The machine name was empty");
|
---|
33 | }
|
---|
34 |
|
---|
35 | WeblogicUserManager.addUserToWeblogicSecurity(machineName);
|
---|
36 |
|
---|
37 | if (logger.isDebugEnabled()){
|
---|
38 | logger.debug("SUCCESS!!...Returning Machine Name: '" + machineName + "' for Weblogic Security");
|
---|
39 | }
|
---|
40 |
|
---|
41 | return machineName;
|
---|
42 | }
|
---|
43 |
|
---|
44 | }
|
---|
45 | return "INVALID_USER";
|
---|
46 | }
|
---|
47 |
|
---|
48 |
|
---|
49 | public String mapDistinguishedNameToUserName(byte[] arg0) {
|
---|
50 | throw new UnsupportedOperationException("The method 'mapDistinguishedNameToUserName' in class " + getClass().getName() + " is not supported");
|
---|
51 | }
|
---|
52 |
|
---|
53 |
|
---|
54 |
|
---|
55 |
|
---|
56 |
|
---|
57 | }
|
---|
Note:
See
TracBrowser
for help on using the repository browser.