@Extensible @DirectoryServerExtension @DirectoryProxyServerExtension(appliesToLocalContent=true, appliesToRemoteContent=false) @SynchronizationServerExtension(appliesToLocalContent=true, appliesToSynchronizedContent=false) @ThreadSafety(level=INTERFACE_THREADSAFE) public abstract class ScriptedCertificateMapper extends java.lang.Object implements Reconfigurable<CertificateMapperConfig>
dsconfig create-certificate-mapper \ --mapper-name "{mapper-name}" \ --type groovy-scripted \ --set enabled:true \ --set "script-class:{class-name}" \ --set "script-argument:{name=value}"where "{mapper-name}" is the name to use for the certificate mapper instance, "{class-name}" is the fully-qualified name of the Groovy class written using this API, and "{name=value}" represents name-value pairs for any arguments to provide to the certificate mapper. If multiple arguments should be provided to the certificate mapper, then the "
--set script-argument:{name=value}
" option should be
provided multiple times.CertificateMapper
Constructor and Description |
---|
ScriptedCertificateMapper()
Creates a new instance of this certificate mapper.
|
Modifier and Type | Method and Description |
---|---|
com.unboundid.ldap.sdk.ResultCode |
applyConfiguration(CertificateMapperConfig config,
com.unboundid.util.args.ArgumentParser parser,
java.util.List<java.lang.String> adminActionsRequired,
java.util.List<java.lang.String> messages)
Attempts to apply the configuration from the provided argument parser to
this extension.
|
void |
defineConfigArguments(com.unboundid.util.args.ArgumentParser parser)
Updates the provided argument parser to define any configuration arguments
which may be used by this extension.
|
void |
finalizeCertificateMapper()
Performs any cleanup which may be necessary when this certificate mapper is
to be taken out of service.
|
void |
initializeCertificateMapper(DirectoryServerContext serverContext,
CertificateMapperConfig config,
com.unboundid.util.args.ArgumentParser parser)
Initializes this certificate mapper.
|
boolean |
isConfigurationAcceptable(CertificateMapperConfig config,
com.unboundid.util.args.ArgumentParser parser,
java.util.List<java.lang.String> unacceptableReasons)
Indicates whether the configuration represented by the provided argument
parser is acceptable for use by this extension.
|
abstract java.lang.String |
mapCertificate(java.security.cert.Certificate[] certChain)
Performs any processing which may be necessary to map the provided
certificate chain to a user within the server.
|
public ScriptedCertificateMapper()
initializeCertificateMapper
method.public void defineConfigArguments(com.unboundid.util.args.ArgumentParser parser) throws com.unboundid.util.args.ArgumentException
defineConfigArguments
in interface Configurable
parser
- The argument parser to be updated with the configuration
arguments which may be used by this extension.com.unboundid.util.args.ArgumentException
- If a problem is encountered while updating the
provided argument parser.public void initializeCertificateMapper(DirectoryServerContext serverContext, CertificateMapperConfig config, com.unboundid.util.args.ArgumentParser parser) throws com.unboundid.ldap.sdk.LDAPException
serverContext
- A handle to the server context for the server in
which this extension is running.config
- The general configuration for this certificate
mapper.parser
- The argument parser which has been initialized from
the configuration for this certificate mapper.com.unboundid.ldap.sdk.LDAPException
- If a problem occurs while initializing this
certificate mapper.public boolean isConfigurationAcceptable(CertificateMapperConfig config, com.unboundid.util.args.ArgumentParser parser, java.util.List<java.lang.String> unacceptableReasons)
isConfigurationAcceptable
in interface Reconfigurable<CertificateMapperConfig>
config
- The general configuration for this extension.parser
- The argument parser that has been used to
parse the proposed configuration for this
extension.unacceptableReasons
- A list to which messages may be added to
provide additional information about why the
provided configuration is not acceptable.true
if the configuration in the provided argument parser
appears to be acceptable, or false
if not.public com.unboundid.ldap.sdk.ResultCode applyConfiguration(CertificateMapperConfig config, com.unboundid.util.args.ArgumentParser parser, java.util.List<java.lang.String> adminActionsRequired, java.util.List<java.lang.String> messages)
applyConfiguration
in interface Reconfigurable<CertificateMapperConfig>
config
- The general configuration for this extension.parser
- The argument parser that has been used to
parse the new configuration for this
extension.adminActionsRequired
- A list to which messages may be added to
provide additional information about any
additional administrative actions that may
be required to apply some of the
configuration changes.messages
- A list to which messages may be added to
provide additional information about the
processing performed by this method.SUCCESS
should be
used to indicate that all processing completed successfully. Any
other result will indicate that a problem occurred during
processing.public void finalizeCertificateMapper()
public abstract java.lang.String mapCertificate(java.security.cert.Certificate[] certChain) throws com.unboundid.ldap.sdk.LDAPException
certChain
- The certificate chain presented by the client.com.unboundid.ldap.sdk.LDAPException
- If the presented certificate cannot be mapped to
exactly one user in the server.