Example usage for javax.naming.ldap Rdn getType

List of usage examples for javax.naming.ldap Rdn getType

Introduction

In this page you can find the example usage for javax.naming.ldap Rdn getType.

Prototype

public String getType() 


Document

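Retrieves one of this Rdn's types. For a multi-valued RDN the type/value pairs have no defined order, so this method returns the type of just one pair, and getValue() returns the value that belongs to that type.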

Usage

From source file:RdnGetters.java

/**
 * Builds an RDN from three attributes (two string values and one binary value) and prints
 * its size, the type/value pair reported by getType()/getValue(), and its attribute view.
 */
public static void main(String args[]) throws Exception {
    // Binary attribute value: the bytes 0x00 through 0x05.
    byte[] mangoJuice = new byte[6];
    int index = 0;
    while (index < mangoJuice.length) {
        mangoJuice[index] = (byte) index;
        index++;
    }

    Attributes attrs = new BasicAttributes();
    attrs.put("o", "Yellow");
    attrs.put("cn", "Mango");
    attrs.put("ou", mangoJuice);

    // Three attributes make this a multi-valued RDN: getType() reports only one of the
    // types and getValue() the value paired with it, so code that inspects an RDN through
    // these two calls alone does not see the other pairs.
    Rdn rdn = new Rdn(attrs);

    System.out.println();
    System.out.println("size:" + rdn.size());
    System.out.println("getType(): " + rdn.getType());
    System.out.println("getValue(): " + rdn.getValue());

    // Full view of every type/value pair held by the RDN.
    System.out.println();
    System.out.println("toAttributes(): " + rdn.toAttributes());
}

From source file:ch.bfh.unicert.certimport.Main.java

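/**
 * Creates a certificate for the given CSV record.
 *
 * <p>Records whose column 3 equals 1 are treated as revoked and skipped. For the others the
 * PEM certificate in column 1 is parsed, and the CN, UID and OU found in its subject replace
 * the default common name, the unique id (column 6) and the study branch (column 5) before
 * the identity data is handed to the issuer. A record whose certificate cannot be read, or
 * whose public key is not a DSA key, is logged and skipped.
 *
 * <p>NOTE(review): no signature or chain check on the parsed certificate is visible in this
 * method, yet its subject fields end up in the issued identity - confirm that the CSV
 * source is trusted or that validation happens elsewhere.
 *
 * @param record the record to parse
 * @throws InvalidNameException if the certificate subject cannot be parsed as an LDAP name
 */
private static void createCertificate(CSVRecord record) throws InvalidNameException {

    int recordid = Integer.parseInt(record.get(0));
    String pemCert = record.get(1);
    String institution = record.get(2);
    int revoked = Integer.parseInt(record.get(3));
    if (revoked == 1) {
        System.out.println("Certficate " + recordid + " is revoked. Looking for next certificate...");
        return;
    }

    String studyBranch = record.get(5);
    String uniqueId = record.get(6);
    // Read but not used below; kept so that a record lacking this column fails here as before.
    String mail = record.get(8);

    X509Certificate cert;
    try {
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        // Explicit charset so that decoding does not depend on the platform default.
        cert = (X509Certificate) cf.generateCertificate(
                new ByteArrayInputStream(pemCert.getBytes(java.nio.charset.StandardCharsets.UTF_8)));
    } catch (CertificateException ex) {
        logger.log(Level.SEVERE, "Not able to read certificate for record {0}, exception: {1}",
                new Object[] { recordid, ex });
        return;
    }

    // A non-DSA key used to surface as an uncaught ClassCastException; treat it like any
    // other unusable record instead.
    if (!(cert.getPublicKey() instanceof DSAPublicKey)) {
        logger.log(Level.SEVERE, "Certificate for record {0} does not carry a DSA public key, skipping",
                new Object[] { recordid });
        return;
    }
    DSAPublicKey pubKey = (DSAPublicKey) cert.getPublicKey();

    // Fallback when the subject has no CN: the whole subject DN.
    String commonName = cert.getSubjectDN().getName();

    // NOTE(review): the subject is rendered with toString() rather than getName();
    // confirm LdapName accepts that rendering for every certificate in the import.
    LdapName ln = new LdapName(cert.getSubjectX500Principal().toString());

    // Take the first CN, UID and OU in getRdns() order. The previous loop stopped at the
    // first RDN of any of the three types, so at most one field was ever taken from the
    // subject. Rdn.getType() reports one type only, so a multi-valued RDN contributes a
    // single pair here.
    boolean cnSeen = false;
    boolean uidSeen = false;
    boolean ouSeen = false;
    for (Rdn rdn : ln.getRdns()) {
        if (!(rdn.getValue() instanceof String)) {
            // Values written in '#hex' form are parsed to byte[]; they cannot be used as text.
            continue;
        }
        String type = rdn.getType();
        String value = (String) rdn.getValue();
        if (!cnSeen && type.equalsIgnoreCase("CN")) {
            commonName = value;
            cnSeen = true;
        } else if (!uidSeen && type.equalsIgnoreCase("UID")) {
            uniqueId = value;
            uidSeen = true;
        } else if (!ouSeen && type.equalsIgnoreCase("OU")) {
            studyBranch = value;
            ouSeen = true;
        }
    }

    IdentityData idData = new IdentityData(commonName, uniqueId, institution, studyBranch, null, null, null,
            null, null, "SwitchAAI", null);

    try {
        issuer.createClientCertificate(idData, keystorePath, pubKey, 10, "UniVote",
                new String[] { "Voter" }, uniBoardWSDLurl, uniBoardUrl, section);
        counter++;
        System.out.println("Certificate published for " + recordid + ". Count " + counter + " of 6424");
    } catch (CertificateCreationException ex) {
        logger.log(Level.SEVERE, "Not able to create certificate for record {0}, exception: {1}",
                new Object[] { recordid, ex });
    }
}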

From source file:fi.laverca.util.X509Util.java

/**
 * Looks up one RDN type in the subject of the given certificate.
 *
 * <p>The subject is rendered with {@code getSubjectX500Principal().getName()} and parsed as
 * an {@link LdapName}. The type comparison is case-sensitive. When several RDNs carry the
 * requested type, the value of the last one in {@code getRdns()} order is returned.
 *
 * <p>NOTE(review): the value is converted with {@code toString()}; an RDN value written in
 * '#hex' form is parsed to a byte array, for which {@code toString()} does not yield the
 * content. Callers that use the result as an identity should confirm this cannot occur for
 * the types they request. Rdn.getType() also reports a single type per RDN, so the other
 * pairs of a multi-valued RDN are not examined.
 *
 * @param cert Certificate
 * @param rdnType RDN type
 * @return the value as a String, or null when no RDN has that type or the subject cannot be parsed
 */
public static String parseSubjectName(final X509Certificate cert, final String rdnType) {
    final String subjectDn = cert.getSubjectX500Principal().getName();

    final List<Rdn> parts;
    try {
        parts = new LdapName(subjectDn).getRdns();
    } catch (InvalidNameException e) {
        log.error(e);
        return null;
    }

    // Walking backwards and stopping at the first hit yields the last match in list order.
    for (int i = parts.size() - 1; i >= 0; i--) {
        final Rdn part = parts.get(i);
        if (rdnType.equals(part.getType())) {
            return part.getValue().toString();
        }
    }
    return null;
}

From source file:eu.europa.ejusticeportal.dss.applet.model.token.CertificateDisplayUtils.java

/**
 * Splits an LDAP name into a map from RDN type to RDN value.
 *
 * <p>Each RDN contributes the single type/value pair reported by getType()/getValue(). A
 * type that occurs more than once keeps only the value stored last, and values are
 * converted with {@code toString()}. A name that cannot be parsed is logged and yields an
 * empty map, so an empty result does not distinguish "no RDNs" from "invalid name".
 *
 * @param name the LDAP string
 * @return map of LDAP type/value, empty when the name is invalid
 */
private static Map<String, String> parseLdapName(String name) {
    final Map<String, String> typeToValue = new HashMap<String, String>();

    final LdapName parsed;
    try {
        parsed = new LdapName(name);
    } catch (InvalidNameException e) {
        LOG.error("Error parsing the issuer name " + name, e);
        return typeToValue;
    }

    for (Rdn component : parsed.getRdns()) {
        final String type = component.getType();
        final String value = component.getValue().toString();
        typeToValue.put(type, value);
    }
    return typeToValue;
}

From source file:eu.europa.esig.dss.DSSASN1Utils.java

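/**
 * Builds a canonical string for the given general names: every RDN of every name is
 * lower-cased and collected into a map sorted by type, then written out as
 * {@code type=value|} entries.
 *
 * <p>The original note on this method says it can be removed once the simple IssuerSerial
 * verification can be performed, the hash verification being sufficient.
 *
 * <p>Lower-casing uses {@link java.util.Locale#ROOT} so that the result does not change with
 * the JVM's default locale. The separators '=' and '|' are not escaped and a repeated type
 * keeps only its last value, so two different inputs can produce the same string; equal
 * output is a coarse match, not proof that the names are identical.
 *
 * @param generalNames the names to canonicalize
 * @return the concatenated {@code type=value|} entries in sorted type order
 * @throws DSSException if one of the names cannot be parsed as an LDAP name
 */
public static String getCanonicalizedName(final GeneralNames generalNames) {
    GeneralName[] names = generalNames.getNames();
    TreeMap<String, String> treeMap = new TreeMap<String, String>();
    for (GeneralName name : names) {
        String ldapString = String.valueOf(name.getName());
        LOG.debug("ldapString to canonicalize: {} ", ldapString);
        try {
            LdapName ldapName = new LdapName(ldapString);
            List<Rdn> rdns = ldapName.getRdns();
            for (final Rdn rdn : rdns) {
                // Locale-independent case folding: the default-locale form maps 'I' differently
                // under some locales, which would change the canonical string.
                final String type = rdn.getType().toLowerCase(java.util.Locale.ROOT);
                final String value = String.valueOf(rdn.getValue()).toLowerCase(java.util.Locale.ROOT);
                treeMap.put(type, value);
            }
        } catch (InvalidNameException e) {
            throw new DSSException(e);
        }
    }
    StringBuilder stringBuilder = new StringBuilder();
    for (Entry<String, String> entry : treeMap.entrySet()) {
        stringBuilder.append(entry.getKey()).append('=').append(entry.getValue()).append('|');
    }
    final String canonicalizedName = stringBuilder.toString();
    LOG.debug("canonicalizedName: {} ", canonicalizedName);
    return canonicalizedName;
}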

From source file:io.personium.common.auth.token.TransCellAccessToken.java

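/**
 * Configures the X.509 key material held by this class.
 *
 * <p>Loads the RSA private key and the server certificate (from the named files, or from the
 * default class-path resources when a name is {@code null}), builds the XML-signature
 * KeyInfo from the certificate, and passes the first CN found in the certificate subject to
 * {@code PersoniumCoreUtils.setFQDN}. The root certificate file names are only recorded
 * here; they are not opened.
 *
 * @param privateKeyFileName path of the PEM private key file, or null for the default resource
 * @param certificateFileName path of the PEM certificate file, or null for the default resource
 * @param rootCertificateFileNames paths of the root CA certificate files, may be null
 * @throws IOException if a key or certificate source cannot be opened or read
 * @throws NoSuchAlgorithmException NoSuchAlgorithmException
 * @throws InvalidKeySpecException InvalidKeySpecException
 * @throws CertificateException CertificateException
 * @throws InvalidNameException if the certificate subject cannot be parsed as an LDAP name
 */
public static void configureX509(String privateKeyFileName, String certificateFileName,
        String[] rootCertificateFileNames) throws IOException, NoSuchAlgorithmException,
        InvalidKeySpecException, CertificateException, InvalidNameException {

    xmlSignatureFactory = XMLSignatureFactory.getInstance("DOM");

    // Record the root CA certificate file names.
    x509RootCertificateFileNames = new ArrayList<String>();
    if (rootCertificateFileNames != null) {
        for (String fileName : rootCertificateFileNames) {
            x509RootCertificateFileNames.add(fileName);
        }
    }

    // Read the private key; the stream is closed once the DER bytes are in memory.
    byte[] privateKeyDerBytes;
    InputStream keyStream = openKeyMaterialStream(privateKeyFileName,
            X509KeySelector.DEFAULT_SERVER_KEY_PATH);
    try {
        privateKeyDerBytes = new PEMReader(keyStream).getDerBytes();
    } finally {
        keyStream.close();
    }
    PKCS1EncodedKeySpec keySpecRSAPrivateKey = new PKCS1EncodedKeySpec(privateKeyDerBytes);
    KeyFactory keyFactory = KeyFactory.getInstance("RSA");
    privKey = keyFactory.generatePrivate(keySpecRSAPrivateKey.getKeySpec());

    // Read the certificate, again closing the stream after use.
    byte[] serverCertificateBytesCert;
    InputStream certStream = openKeyMaterialStream(certificateFileName,
            X509KeySelector.DEFAULT_SERVER_CRT_PATH);
    try {
        serverCertificateBytesCert = new PEMReader(certStream).getDerBytes();
    } finally {
        certStream.close();
    }
    CertificateFactory cf = CertificateFactory.getInstance(X509KeySelector.X509KEY_TYPE);
    x509Certificate = (X509Certificate) cf
            .generateCertificate(new ByteArrayInputStream(serverCertificateBytesCert));

    // Create the KeyInfo containing the X509Data (subject name plus the certificate itself).
    KeyInfoFactory keyInfoFactory = xmlSignatureFactory.getKeyInfoFactory();
    List<Object> x509Content = new ArrayList<Object>();
    x509Content.add(x509Certificate.getSubjectX500Principal().getName());
    x509Content.add(x509Certificate);
    X509Data xd = keyInfoFactory.newX509Data(x509Content);
    keyInfo = keyInfoFactory.newKeyInfo(Collections.singletonList(xd));

    // Get FQDN from Certificate and set FQDN to PersoniumCoreUtils.
    // Only the first CN in getRdns() order is used; a subject without a CN leaves the FQDN unset.
    String dn = x509Certificate.getSubjectX500Principal().getName();
    LdapName ln = new LdapName(dn);
    for (Rdn rdn : ln.getRdns()) {
        if (rdn.getType().equalsIgnoreCase("CN")) {
            PersoniumCoreUtils.setFQDN(rdn.getValue().toString());
            break;
        }
    }

    // http://java.sun.com/developer/technicalArticles/xml/dig_signature_api/

}

/**
 * Opens the named file, or the given class-path resource when no file is named.
 * Fails with an IOException instead of returning null when the resource is missing.
 */
private static InputStream openKeyMaterialStream(String fileName, String defaultResourcePath)
        throws IOException {
    if (fileName != null) {
        return new FileInputStream(fileName);
    }
    InputStream resource = TransCellAccessToken.class.getClassLoader()
            .getResourceAsStream(defaultResourcePath);
    if (resource == null) {
        throw new java.io.FileNotFoundException("Class-path resource not found: " + defaultResourcePath);
    }
    return resource;
}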

From source file:fi.laverca.Pkcs1.java

/**
 * Get the signer CN.
 * <p>Equivalent to calling getSignerCert and
 * then parsing out the CN from the certificate's Subject field.
 * <p>The match on "CN" is case-sensitive, and when the subject holds several CN RDNs the
 * last one in {@code getRdns()} order is returned. Any failure, including a subject that
 * is not a valid LDAP name, is logged and reported as null, so callers that treat the CN
 * as an identity must handle null explicitly.
 * @return Signer's CN or null if there's a problem.
 */
public String getSignerCn() {
    try {
        final String subjectDn = this.getSignerCert().getSubjectX500Principal().getName();

        String commonName = null;
        try {
            final List<Rdn> parts = new LdapName(subjectDn).getRdns();
            // Scanning from the end and stopping at the first hit gives the last CN in list order.
            for (int i = parts.size() - 1; i >= 0; i--) {
                final Rdn part = parts.get(i);
                if ("CN".equals(part.getType())) {
                    commonName = part.getValue().toString();
                    break;
                }
            }
        } catch (InvalidNameException e) {
            log.warn("Invalid name", e);
        }

        return commonName;
    } catch (Throwable t) {
        log.error("Failed to get Signer cert " + t.getMessage());
        return null;
    }
}

From source file:com.redhat.lightblue.rest.auth.jboss.CertLdapLoginModule.java

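/**
 * Returns the value of the first RDN of the certificate principal whose type matches the
 * given attribute name, compared without regard to case.
 *
 * <p>Rdn.getType() reports one type per RDN, so the other pairs of a multi-valued RDN are
 * not examined. A matching RDN whose value is not text (a value written in '#hex' form is
 * parsed to a byte array) is treated as absent instead of failing with a
 * ClassCastException.
 *
 * <p>NOTE(review): the result comes from the certificate subject and is presumably used to
 * build an LDAP search; confirm that the caller escapes it before placing it in a filter.
 *
 * @param certificatePrincipal the certificate subject as an LDAP name string
 * @param searchAttribute the RDN type to look for
 * @return the matching value, or an empty string when there is no usable match
 * @throws NamingException if the principal cannot be parsed as an LDAP name
 */
private String getLDAPAttribute(String certificatePrincipal, String searchAttribute) throws NamingException {
    LdapName name = new LdapName(certificatePrincipal);
    for (Rdn rdn : name.getRdns()) {
        if (rdn.getType().equalsIgnoreCase(searchAttribute)) {
            // The first match decides, as before; only a String value is usable as a search name.
            Object value = rdn.getValue();
            return (value instanceof String) ? (String) value : "";
        }
    }
    return "";
}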

From source file:fi.laverca.Pkcs7.java

/**
 * Convenience method. Equivalent to calling getSignerCert and
 * then parsing out the CN from the certificate's Subject field.
 * <p>The match on "CN" is case-sensitive, and when the subject holds several CN RDNs the
 * last one in {@code getRdns()} order is returned. Any failure, including a subject that
 * is not a valid LDAP name, is logged and reported as null, so callers that treat the CN
 * as an identity must handle null explicitly.
 * @return Signer CN or null if there's a problem.
 */
public String getSignerCn() {
    try {
        final String subjectDn = this.getSignerCert().getSubjectX500Principal().getName();

        String commonName = null;
        try {
            final List<Rdn> parts = new LdapName(subjectDn).getRdns();
            // Scanning from the end and stopping at the first hit gives the last CN in list order.
            for (int i = parts.size() - 1; i >= 0; i--) {
                final Rdn part = parts.get(i);
                if ("CN".equals(part.getType())) {
                    commonName = part.getValue().toString();
                    break;
                }
            }
        } catch (InvalidNameException e) {
            log.warn("Invalid name", e);
        }

        return commonName;
    } catch (Throwable t) {
        log.error("Failed to get signer CN: " + t.getMessage());
        return null;
    }
}

From source file:edu.jhu.pha.vospace.oauth.AuthorizationServlet.java

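/**
 * Extracts the subject common name from the client certificate attached to the request.
 *
 * <p>Reads the {@code javax.servlet.request.X509Certificate} request attribute and looks at
 * the first certificate of the array only. When the subject holds several CN RDNs the last
 * one in {@code getRdns()} order is returned. A CN whose value is not text is treated as
 * missing.
 *
 * <p>NOTE(review): this method only reads the subject; it presumably relies on the
 * container having verified the client certificate chain - confirm against the
 * deployment's TLS client-auth configuration.
 *
 * @param request the incoming request
 * @return the subject CN, or null when the request carries no client certificate or the
 *         subject is not a valid LDAP name
 * @throws PermissionDeniedException when a certificate is present but its subject has no CN
 */
private String checkCertificate(HttpServletRequest request) {
    java.security.cert.X509Certificate[] certs = (java.security.cert.X509Certificate[]) request
            .getAttribute("javax.servlet.request.X509Certificate");

    // An empty array is handled like a missing attribute instead of failing on certs[0].
    if (null == certs || certs.length == 0 || certs[0] == null) {
        return null;
    }

    String dn = certs[0].getSubjectX500Principal().getName();
    String cn = null;
    try {
        LdapName ldn = new LdapName(dn);
        for (Rdn rdn : ldn.getRdns()) {
            // Values written in '#hex' form are parsed to byte[]; only text is accepted as a CN.
            if (rdn.getType().equalsIgnoreCase("CN") && rdn.getValue() instanceof String) {
                cn = (String) rdn.getValue();
            }
        }
    } catch (javax.naming.InvalidNameException e) {
        // Previously swallowed silently. The subject text comes from the client, so it is
        // not echoed into the log.
        logger.error("Error authenticating the user: invalid subject name in certificate.");
        return null;
    }

    if (cn == null) {
        logger.error("Error authenticating the user: cn not found in certificate.");
        throw new PermissionDeniedException("401 Unauthorized");
    }
    return cn;
}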