IBM WebSphere Application Server [security]: Interface UserMapping

Overview

Package

Class

Tree

Serialized

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: INNER | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

com.ibm.websphere.security
Interface UserMapping

public interface UserMapping

Implementing this interface enables WebSphere Security to use customized mapping for certificates (Java and Web clients) and for Identity assertion tokens. Implementation of this interface must provide implementations for:

mapCertificateToName(X509Certificate[])
mapDNToName(String)
mapPrincipalToName(String)

Method Summary

java.lang.String mapCertificateToName(java.security.cert.X509Certificate[] cert)
          Maps a Certificate (of X509 format) to a valid user in the Registry.

java.lang.String mapDNToName(java.lang.String dn)
          Maps a Distinguised Name (DN) to a valid user in the Registry.

java.lang.String mapPrincipalToName(java.lang.String principalName)
          Maps a PrincipalName to a valid user in the Registry.

Method Summary
`java.lang.String`	`mapCertificateToName(java.security.cert.X509Certificate[] cert)` Maps a Certificate (of X509 format) to a valid user in the Registry.
`java.lang.String`	`mapDNToName(java.lang.String dn)` Maps a Distinguised Name (DN) to a valid user in the Registry.
`java.lang.String`	`mapPrincipalToName(java.lang.String principalName)` Maps a PrincipalName to a valid user in the Registry.

Method Detail

mapCertificateToName

public java.lang.String mapCertificateToName(java.security.cert.X509Certificate[] cert)
                                      throws UserMappingException,
                                             NotImplementedException

Maps a Certificate (of X509 format) to a valid user in the Registry. This is used to map the name in the certificate supplied by either a browser or a Java client or a Identity assertion token to a valid user in the registry

Parameters:: cert - the X509 certificate chain
Returns:: the mapped name of the user which should be valid in the registry
Throws:: UserMappingException - if the mapping of the certificate fails.; NotImplementedException - if this implementation is not supported. In this case the default implementation is used.

mapDNToName

public java.lang.String mapDNToName(java.lang.String dn)
                             throws UserMappingException,
                                    NotImplementedException

Maps a Distinguised Name (DN) to a valid user in the Registry. This is used to map the DN in an Identity Assertion Token to a valid user in the registry

Parameters:: String - the Distinguised Name(DN) in the Identity Assertion Token.
Returns:: the mapped name of the user which should be valid in the registry
Throws:: UserMappingException - if the mapping of the DN fails.; NotImplementedException - if this implementation is not supported. In this case the default implementation is used.

mapPrincipalToName

public java.lang.String mapPrincipalToName(java.lang.String principalName)
                                    throws UserMappingException,
                                           NotImplementedException

Maps a PrincipalName to a valid user in the Registry. This is used to map the PrincipalName in an Identity Assertion Token to a valid user in the registry

Parameters:: String - the PrincipalName in the Identity Assertion Token.
Returns:: the mapped name of the user which should be valid in the registry
Throws:: UserMappingException - if the mapping of the PrincipalName fails.; NotImplementedException - if this implementation is not supported. In this case the default implementation is used.