Package org.springframework.security.web.authentication.preauth.x509

Class SubjectDnX509PrincipalExtractor

java.lang.Object

org.springframework.security.web.authentication.preauth.x509.SubjectDnX509PrincipalExtractor

All Implemented Interfaces:

org.springframework.beans.factory.Aware, org.springframework.context.MessageSourceAware, X509PrincipalExtractor

public class SubjectDnX509PrincipalExtractor
extends Object
implements X509PrincipalExtractor, org.springframework.context.MessageSourceAware

Obtains the principal from a certificate using a regular expression match against the Subject (as returned by a call to X509Certificate.getSubjectDN()).

The regular expression should contain a single group; for example the default expression "CN=(.*?)(?:,|$)" matches the common name field. So "CN=Jimi Hendrix, OU=..." will give a user name of "Jimi Hendrix".

The matches are case insensitive. So "emailAddress=(.*?)," will match "[email protected], CN=..." giving a user name "[email protected]"

Field Summary

Fields

Modifier and Type	Field	Description
protected final org.apache.commons.logging.Log	logger
protected org.springframework.context.support.MessageSourceAccessor	messages

Constructor Summary

Constructors

Constructor	Description
SubjectDnX509PrincipalExtractor()

Method Summary

Modifier and Type	Method	Description
Object	extractPrincipal(X509Certificate clientCert)	Returns the principal (usually a String) for the given certificate.
void	setMessageSource(org.springframework.context.MessageSource messageSource)
void	setSubjectDnRegex(String subjectDnRegex)	Sets the regular expression which will by used to extract the user name from the certificate's Subject DN.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

logger

protected final org.apache.commons.logging.Log logger

messages

protected org.springframework.context.support.MessageSourceAccessor messages

Constructor Details

SubjectDnX509PrincipalExtractor

public SubjectDnX509PrincipalExtractor()

Method Details

extractPrincipal

public Object extractPrincipal(X509Certificate clientCert)

Description copied from interface: X509PrincipalExtractor

Returns the principal (usually a String) for the given certificate.

Specified by:

extractPrincipal in interface X509PrincipalExtractor

setSubjectDnRegex

public void setSubjectDnRegex(String subjectDnRegex)

Sets the regular expression which will by used to extract the user name from the certificate's Subject DN.

It should contain a single group; for example the default expression "CN=(.*?)(?:,|$)" matches the common name field. So "CN=Jimi Hendrix, OU=..." will give a user name of "Jimi Hendrix".

The matches are case insensitive. So "emailAddress=(.?)," will match "[email protected], CN=..." giving a user name "[email protected]"

Parameters:

subjectDnRegex - the regular expression to find in the subject

setMessageSource

public void setMessageSource(org.springframework.context.MessageSource messageSource)

Specified by:

setMessageSource in interface org.springframework.context.MessageSourceAware

Since:

5.5