Class SubjectDnX509PrincipalExtractor
java.lang.Object
org.springframework.security.web.authentication.preauth.x509.SubjectDnX509PrincipalExtractor
- All Implemented Interfaces:
org.springframework.beans.factory.Aware
,org.springframework.context.MessageSourceAware
,X509PrincipalExtractor
public class SubjectDnX509PrincipalExtractor
extends Object
implements X509PrincipalExtractor, org.springframework.context.MessageSourceAware
Obtains the principal from a certificate using a regular expression match against the
Subject (as returned by a call to
X509Certificate.getSubjectDN()
).
The regular expression should contain a single group; for example the default expression "CN=(.*?)(?:,|$)" matches the common name field. So "CN=Jimi Hendrix, OU=..." will give a user name of "Jimi Hendrix".
The matches are case insensitive. So "emailAddress=(.*?)," will match "[email protected], CN=..." giving a user name "[email protected]"
-
Field Summary
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionextractPrincipal
(X509Certificate clientCert) Returns the principal (usually a String) for the given certificate.void
setMessageSource
(org.springframework.context.MessageSource messageSource) void
setSubjectDnRegex
(String subjectDnRegex) Sets the regular expression which will by used to extract the user name from the certificate's Subject DN.
-
Field Details
-
logger
protected final org.apache.commons.logging.Log logger -
messages
protected org.springframework.context.support.MessageSourceAccessor messages
-
-
Constructor Details
-
SubjectDnX509PrincipalExtractor
public SubjectDnX509PrincipalExtractor()
-
-
Method Details
-
extractPrincipal
Description copied from interface:X509PrincipalExtractor
Returns the principal (usually a String) for the given certificate.- Specified by:
extractPrincipal
in interfaceX509PrincipalExtractor
-
setSubjectDnRegex
Sets the regular expression which will by used to extract the user name from the certificate's Subject DN.It should contain a single group; for example the default expression "CN=(.*?)(?:,|$)" matches the common name field. So "CN=Jimi Hendrix, OU=..." will give a user name of "Jimi Hendrix".
The matches are case insensitive. So "emailAddress=(.?)," will match "[email protected], CN=..." giving a user name "[email protected]"
- Parameters:
subjectDnRegex
- the regular expression to find in the subject
-
setMessageSource
public void setMessageSource(org.springframework.context.MessageSource messageSource) - Specified by:
setMessageSource
in interfaceorg.springframework.context.MessageSourceAware
- Since:
- 5.5
-