com.ibm.websphere.security
Interface UserMapping
- public interface UserMapping
Implementing this interface enables WebSphere Security to use customized
mapping for certificates (Java and Web clients) and for Identity assertion
tokens.
Implementation of this interface must provide implementations for:
- mapCertificateToName(X509Certificate[])
- mapDNToName(String)
- mapPrincipalToName(String)
Method Summary |
java.lang.String |
mapCertificateToName(java.security.cert.X509Certificate[] cert)
Maps a Certificate (of X509 format) to a valid user in the Registry. |
java.lang.String |
mapDNToName(java.lang.String dn)
Maps a Distinguised Name (DN) to a valid user in the Registry. |
java.lang.String |
mapPrincipalToName(java.lang.String principalName)
Maps a PrincipalName to a valid user in the Registry. |
mapCertificateToName
public java.lang.String mapCertificateToName(java.security.cert.X509Certificate[] cert)
throws UserMappingException,
NotImplementedException
- Maps a Certificate (of X509 format) to a valid user in the Registry.
This is used to map the name in the certificate supplied by either a
browser or a Java client or a Identity assertion token
to a valid user in the registry
- Parameters:
cert
- the X509 certificate chain- Returns:
- the mapped name of the user which should be valid in the registry
- Throws:
UserMappingException
- if the mapping of the
certificate fails.NotImplementedException
- if this implementation is not supported.
In this case the default implementation is used.
mapDNToName
public java.lang.String mapDNToName(java.lang.String dn)
throws UserMappingException,
NotImplementedException
- Maps a Distinguised Name (DN) to a valid user in the Registry.
This is used to map the DN in an Identity Assertion Token
to a valid user in the registry
- Parameters:
String
- the Distinguised Name(DN) in the Identity Assertion Token.- Returns:
- the mapped name of the user which should be valid in the registry
- Throws:
UserMappingException
- if the mapping of the
DN fails.NotImplementedException
- if this implementation is not supported.
In this case the default implementation is used.
mapPrincipalToName
public java.lang.String mapPrincipalToName(java.lang.String principalName)
throws UserMappingException,
NotImplementedException
- Maps a PrincipalName to a valid user in the Registry.
This is used to map the PrincipalName in an Identity Assertion Token
to a valid user in the registry
- Parameters:
String
- the PrincipalName in the Identity Assertion Token.- Returns:
- the mapped name of the user which should be valid in the registry
- Throws:
UserMappingException
- if the mapping of the
PrincipalName fails.NotImplementedException
- if this implementation is not supported.
In this case the default implementation is used.