List of usage examples for javax.security.auth.x500 X500Principal getName
public String getName()
From source file:ddf.security.sts.claimsHandler.AttributeMapLoader.java
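/**
 * Obtains the user name from the principal.
 *
 * <p>For a {@link KerberosPrincipal} the result is the first component of the name, i.e. the text
 * in front of the first {@code /} and {@code @}. For an {@link X500Principal} it is the value of
 * the first common-name (CN) attribute found when reading the DN in the order returned by
 * {@code getName()}. Any other principal yields {@link Principal#getName()}.
 *
 * @param principal Describing the current user that should be used for retrieving claims.
 * @return the user name if the principal has one, null if no name is specified or if principal
 *     is null.
 */
public static String getUser(Principal principal) {
    String user = null;
    if (principal instanceof KerberosPrincipal) {
        KerberosPrincipal kp = (KerberosPrincipal) principal;
        // Strip the realm first, then any instance component.
        StringTokenizer st = new StringTokenizer(kp.getName(), "@");
        if (st.hasMoreTokens()) {
            st = new StringTokenizer(st.nextToken(), "/");
            if (st.hasMoreTokens()) {
                user = st.nextToken();
            }
        }
    } else if (principal instanceof X500Principal) {
        // The DN is parsed with an RFC 2253 aware parser rather than split on ',' and '='.
        // Attribute values may contain escaped separators (for example "CN=Doe\, John"); a plain
        // split cuts such a value short, and the truncated text would then be used as the
        // identity for claims retrieval.
        try {
            java.util.List<javax.naming.ldap.Rdn> rdns =
                    new javax.naming.ldap.LdapName(principal.getName()).getRdns();
            // LdapName keeps the right-most RDN at index 0; walk backwards so the RDNs are
            // visited in the order they appear in the string form.
            for (int i = rdns.size() - 1; i >= 0 && user == null; i--) {
                // toAttributes() is case-insensitive on the attribute type and also exposes
                // every attribute of a multi-valued RDN ("OU=a+CN=b").
                javax.naming.directory.Attribute cn = rdns.get(i).toAttributes().get("cn");
                if (cn != null) {
                    Object value = cn.get();
                    if (value instanceof String) {
                        user = (String) value;
                    }
                }
            }
        } catch (javax.naming.NamingException ignored) {
            // A DN that cannot be parsed has no trustworthy common name; report "no name"
            // instead of deriving an identity from a partial parse.
            user = null;
        }
    } else if (principal != null) {
        user = principal.getName();
    }
    return user;
}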
From source file:it.geosolutions.sfs.web.Start.java
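/**
 * Reports whether the key store holds a certificate entry whose subject common name is the
 * given host name.
 *
 * <p>Only certificate entries (not key entries) that are X.509 certificates are considered. The
 * comparison is an exact, case-insensitive match on the CN attribute values of the subject DN. A
 * substring test on the whole DN string would also accept unrelated subjects such as
 * {@code CN=notexample.org} or an organisation name that merely contains the host name. Only the
 * subject DN is inspected; subjectAltName entries are not consulted.
 *
 * @param ks a loaded key store
 * @param hostname the host name to look for
 * @return true if a matching certificate entry exists, false otherwise
 * @throws Exception if the key store cannot be queried
 */
private static boolean keyStoreContainsCertificate(KeyStore ks, String hostname) throws Exception {
    Enumeration<String> aliases = ks.aliases();
    while (aliases.hasMoreElements()) {
        String alias = aliases.nextElement();
        if (!ks.isCertificateEntry(alias)) {
            continue;
        }
        Certificate c = ks.getCertificate(alias);
        if (c instanceof X509Certificate
                && subjectHasCommonName(((X509Certificate) c).getSubjectX500Principal(), hostname)) {
            return true;
        }
    }
    return false;
}

/** Tells whether any CN attribute value of {@code subject} equals {@code hostname}, ignoring case. */
private static boolean subjectHasCommonName(X500Principal subject, String hostname) {
    try {
        for (javax.naming.ldap.Rdn rdn : new javax.naming.ldap.LdapName(subject.getName()).getRdns()) {
            // Case-insensitive lookup; also covers multi-valued RDNs.
            javax.naming.directory.Attribute cn = rdn.toAttributes().get("cn");
            if (cn == null) {
                continue;
            }
            for (int i = 0; i < cn.size(); i++) {
                Object value = cn.get(i);
                if (value instanceof String && ((String) value).equalsIgnoreCase(hostname)) {
                    return true;
                }
            }
        }
    } catch (javax.naming.NamingException ignored) {
        // An unparsable subject cannot be matched reliably; treat it as "no match".
    }
    return false;
}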
From source file:io.hops.hopsworks.util.CertificateHelper.java
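/**
 * Returns one attribute value of a certificate's subject DN, lower-cased.
 *
 * <p>The DN is parsed as a sequence of RDNs and the attribute type is compared as a whole,
 * ignoring case. Searching the DN string for {@code partName + "="} is not equivalent: a request
 * for {@code C} would hit the tail of {@code DC=...}, and a value containing an escaped comma
 * would be cut at that comma. Callers that derive a user or project identity from the result
 * would then act on the wrong value.
 *
 * @param cert certificate whose subject DN is inspected
 * @param partName attribute type to look up, for example {@code CN} or {@code OU}
 * @return the lower-cased value of the first matching attribute in DN string order, or an empty
 *     string if the attribute is absent, {@code partName} is null, or the DN cannot be parsed
 */
public static String getCertificatePart(X509Certificate cert, String partName) {
    if (partName == null) {
        return "";
    }
    X500Principal principal = cert.getSubjectX500Principal();
    try {
        java.util.List<javax.naming.ldap.Rdn> rdns =
                new javax.naming.ldap.LdapName(principal.getName()).getRdns();
        // LdapName keeps the right-most RDN at index 0; walk backwards to follow string order.
        for (int i = rdns.size() - 1; i >= 0; i--) {
            javax.naming.directory.Attribute attr = rdns.get(i).toAttributes().get(partName);
            if (attr == null) {
                continue;
            }
            Object value = attr.get();
            if (value instanceof String) {
                // Locale.ROOT keeps the result independent of the JVM default locale.
                return ((String) value).toLowerCase(java.util.Locale.ROOT);
            }
        }
    } catch (javax.naming.NamingException ignored) {
        // An unparsable DN has no attribute that can be reported reliably.
    }
    return "";
}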
From source file:ddf.security.SubjectUtils.java
/**
 * Looks up one attribute of the principal's DN by object identifier.
 *
 * @param principal principal whose name is parsed as an X.500 name
 * @param identifier attribute type to search for
 * @return the string form of the first value of the first matching RDN, or null if no RDN
 *     matches or the matching RDN has no first attribute
 */
private static String getExtendedCertAttribute(X500Principal principal, ASN1ObjectIdentifier identifier) {
    X500Name subject = new X500Name(principal.getName());
    RDN[] matches = subject.getRDNs(identifier);
    if (matches == null || matches.length == 0) {
        return null;
    }
    // Only the first matching RDN, and only its first attribute, is consulted.
    AttributeTypeAndValue first = matches[0].getFirst();
    return first == null ? null : first.getValue().toString();
}
From source file:ddf.security.SubjectUtils.java
/**
 * Builds a DN string that keeps only the RDNs accepted by the predicate.
 *
 * @param principal principal whose name is parsed as an X.500 name
 * @param predicate test applied to each RDN; RDNs for which it returns true are kept
 * @return the string form of an X.500 name made of the retained RDNs, in their original order
 */
public static String filterDN(X500Principal principal, Predicate<RDN> predicate) {
    X500Name parsed = new X500Name(principal.getName());
    RDN[] retained = Arrays.stream(parsed.getRDNs())
            .filter(predicate)
            .toArray(RDN[]::new);
    X500Name filtered = new X500Name(retained);
    return filtered.toString();
}
From source file:org.sandrob.android.net.http.HttpsConnection.java
/**
 * Gets the common name from the given X500Principal.
 *
 * <p>The principal's name is wrapped in an {@code X509Name} and handed to the
 * {@code getCommonName(X509Name)} overload, which performs the actual lookup.
 *
 * @param name the X.500 principal, may be null
 * @return the common name, null if not found or if {@code name} is null
 */
private static String getCommonName(X500Principal name) {
    return name == null ? null : getCommonName(new X509Name(name.getName()));
}
From source file:test.unit.be.e_contract.dssp.client.XACMLTest.java
/**
 * Constructs an X500Principal from a DN that carries a SERIALNUMBER attribute and logs the name
 * it reports. The method makes no assertion; it only fails if construction or getName() throws.
 */
@Test
public void testX500Name() throws Exception {
    X500Principal subject = new X500Principal("SERIALNUMBER=1234,C=BE");
    String renderedName = subject.getName();
    LOG.debug(renderedName);
}
From source file:org.cesecore.authentication.SimpleAuthenticationProviderSessionBean.java
/**
 * This is the pug of authentication; loves everybody.
 *
 * <p>Returns a {@code TestAuthenticationToken} for any subject, with a single exception: when the
 * first credential of the subject is the string {@code "fail"} the method returns null so that
 * callers can exercise the authentication-failure path. No credential is verified.
 *
 * <p>NOTE(review): nothing here validates the caller, so this provider must only be reachable
 * from test code - confirm it cannot be selected in a production deployment.
 *
 * @param subject the subject to build a token for; dereferenced unconditionally, so a null
 *     subject raises a NullPointerException before the later null check is reached
 * @return a token holding one certificate and its subject principal, or null for the "fail"
 *     credential
 */
@Override
public AuthenticationToken authenticate(AuthenticationSubject subject) {
    // A small check if we have added a "fail" credential to the subject.
    // If we have we will return null, so we can test authentication failure.
    // Only the first element returned by the iterator is examined.
    Set<?> usercredentials = subject.getCredentials();
    if ((usercredentials != null) && (usercredentials.size() > 0)) {
        Object o = usercredentials.iterator().next();
        if (o instanceof String) {
            String str = (String) o;
            if (StringUtils.equals("fail", str)) {
                return null;
            }
        }
    }

    X509Certificate certificate = null;
    // If we have a certificate as input, use that, otherwise generate a self signed certificate
    Set<X509Certificate> credentials = new HashSet<X509Certificate>();
    Set<?> inputcreds = subject.getCredentials();
    if (inputcreds != null) {
        // The loop does not break: if several certificates are present the last one iterated wins.
        // The supplied certificate is accepted as-is; no chain, validity or revocation check is made.
        for (Object object : inputcreds) {
            if (object instanceof X509Certificate) {
                certificate = (X509Certificate) object;
            }
        }
    }

    // If there was no certificate input, create a self signed
    if (certificate == null) {
        String dn = "C=SE,O=Test,CN=Test"; // default
        // If we have created a subject with an X500Principal we will use this DN to create the dummy certificate.
        // NOTE(review): this null check can never be false here, because subject was already
        // dereferenced at the top of the method.
        if (subject != null) {
            Set<Principal> principals = subject.getPrincipals();
            if ((principals != null) && (principals.size() > 0)) {
                // Only the first principal is considered; the DN is taken from the caller unchanged.
                Principal p = principals.iterator().next();
                if (p instanceof X500Principal) {
                    X500Principal xp = (X500Principal) p;
                    dn = xp.getName();
                }
            }
        }
        KeyPair keys = null;
        try {
            // NOTE(review): "512" is presumably the RSA modulus size in bits - far below any
            // acceptable strength; tolerable only for a throwaway test certificate.
            keys = KeyTools.genKeys("512", AlgorithmConstants.KEYALGORITHM_RSA);
        } catch (NoSuchAlgorithmException e) {
            throw new InvalidAuthenticationTokenException("Could not create authentication token.", e);
        } catch (NoSuchProviderException e) {
            throw new InvalidAuthenticationTokenException("Could not create authentication token.", e);
        } catch (InvalidAlgorithmParameterException e) {
            throw new InvalidAuthenticationTokenException("Could not create authentication token.", e);
        }
        try {
            // NOTE(review): the certificate is signed with SHA-1/RSA; 365 is presumably the
            // validity in days - confirm against CertTools.genSelfCert.
            certificate = CertTools.genSelfCert(dn, 365, null, keys.getPrivate(), keys.getPublic(),
                    AlgorithmConstants.SIGALG_SHA1_WITH_RSA, true);
        } catch (InvalidKeyException e) {
            throw new CertificateCreationException("Error encountered when creating certificate", e);
        } catch (CertificateEncodingException e) {
            throw new CertificateCreationException("Error encountered when creating certificate", e);
        } catch (NoSuchAlgorithmException e) {
            throw new CertificateCreationException("Error encountered when creating certificate", e);
        } catch (SignatureException e) {
            throw new CertificateCreationException("Error encountered when creating certificate", e);
        } catch (IllegalStateException e) {
            throw new CertificateCreationException("Error encountered when creating certificate", e);
        } catch (NoSuchProviderException e) {
            throw new CertificateCreationException("Error encountered when creating certificate", e);
        }
    }
    // Add the credentials and new principal
    credentials.add(certificate);
    Set<X500Principal> principals = new HashSet<X500Principal>();
    principals.add(certificate.getSubjectX500Principal());
    // We cannot use the X509CertificateAuthenticationToken here, since it can only be used internally in a JVM.
    AuthenticationToken result = new TestAuthenticationToken(principals, credentials);
    return result;
}
From source file:org.globus.gsi.CertificateRevocationLists.java
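/**
 * Returns the cached CRLs whose issuer is accepted by the selector.
 *
 * <p>Only the issuer criterion of the selector is evaluated. CRLs are looked up by the string
 * form of each issuer principal.
 *
 * @param selector selector whose issuer names drive the lookup
 * @return a new list with the matching CRLs; empty if nothing matches or no CRL map is loaded
 */
public Collection<X509CRL> getCRLs(X509CRLSelector selector) {
    Map<String, X509CRL> crlMap = this.crlIssuerDNMap;
    if (crlMap == null) {
        return new ArrayList<X509CRL>(0);
    }

    Collection<X500Principal> issuers = selector.getIssuers();
    if (issuers == null) {
        // X509CRLSelector documents a null issuer criterion as "any issuer distinguished name
        // will do". Calling size() on it would throw a NullPointerException, so hand back every
        // cached CRL instead.
        return new ArrayList<X509CRL>(crlMap.values());
    }

    Collection<X509CRL> retval = new ArrayList<X509CRL>(issuers.size());
    // Converting a principal to a string is lossy, so depending on how a DN was encoded the
    // lookup key may not equal the key the CRL was stored under and a CRL can be missed.
    // NOTE(review): a missed CRL means the caller sees no revocation data for that issuer;
    // callers should not treat an empty result as proof that nothing is revoked.
    for (X500Principal principal : issuers) {
        String dn = principal.getName();
        X509CRL crl = crlMap.get(dn);
        if (crl != null) {
            retval.add(crl);
        }
    }
    return retval;
}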
From source file:org.cesecore.mock.authentication.SimpleAuthenticationProviderSessionBean.java
/**
 * This is the pug of authentication; loves everybody.
 *
 * <p>Returns a {@code TestX509CertificateAuthenticationToken} for any subject, with a single
 * exception: when the first credential of the subject is the string {@code "fail"} the method
 * returns null so that callers can exercise the authentication-failure path. No credential is
 * verified.
 *
 * <p>NOTE(review): nothing here validates the caller, so this mock provider must only be
 * reachable from test code - confirm it cannot be selected in a production deployment.
 *
 * @param subject the subject to build a token for; dereferenced unconditionally, so a null
 *     subject raises a NullPointerException before the later null check is reached
 * @return a token holding one certificate and its subject principal, or null for the "fail"
 *     credential
 */
@Override
public AuthenticationToken authenticate(AuthenticationSubject subject) {
    // A small check if we have added a "fail" credential to the subject.
    // If we have we will return null, so we can test authentication failure.
    // Only the first element returned by the iterator is examined.
    Set<?> usercredentials = subject.getCredentials();
    if ((usercredentials != null) && (usercredentials.size() > 0)) {
        Object o = usercredentials.iterator().next();
        if (o instanceof String) {
            String str = (String) o;
            if (StringUtils.equals("fail", str)) {
                if (log.isDebugEnabled()) {
                    log.debug("Found a 'fail' credential, returning null");
                }
                return null;
            }
        }
    }

    X509Certificate certificate = null;
    // If we have a certificate as input, use that, otherwise generate a self signed certificate
    Set<?> inputcreds = subject.getCredentials();
    if (inputcreds != null) {
        // The loop does not break: if several certificates are present the last one iterated wins.
        // The supplied certificate is accepted as-is; no chain, validity or revocation check is made.
        for (Object object : inputcreds) {
            if (object instanceof X509Certificate) {
                certificate = (X509Certificate) object;
                if (log.isDebugEnabled()) {
                    log.debug("Found a certificate credential that we will use, fp="
                            + CertTools.getFingerprintAsString(certificate));
                }
            }
        }
    }

    // If there was no certificate input, create a self signed
    if (certificate == null) {
        if (log.isDebugEnabled()) {
            log.debug("No certificate input, will create a self-signed one");
        }
        String dn = DEFAULT_DN;
        // If we have created a subject with an X500Principal we will use this DN to create the dummy certificate.
        // NOTE(review): this null check can never be false here, because subject was already
        // dereferenced at the top of the method.
        if (subject != null) {
            Set<Principal> principals = subject.getPrincipals();
            if ((principals != null) && (principals.size() > 0)) {
                // Only the first principal is considered; the DN is taken from the caller unchanged.
                Principal p = principals.iterator().next();
                if (p instanceof X500Principal) {
                    X500Principal xp = (X500Principal) p;
                    dn = xp.getName();
                }
            }
        }
        KeyPair keys = null;
        try {
            // NOTE(review): "512" is presumably the RSA modulus size in bits - far below any
            // acceptable strength; tolerable only for a throwaway test certificate.
            keys = KeyTools.genKeys("512", AlgorithmConstants.KEYALGORITHM_RSA);
        } catch (InvalidAlgorithmParameterException e) {
            throw new InvalidAuthenticationTokenException("Could not create authentication token.", e);
        }
        try {
            // NOTE(review): the certificate is signed with SHA-1/RSA; 365 is presumably the
            // validity in days - confirm against CertTools.genSelfCert.
            certificate = CertTools.genSelfCert(dn, 365, null, keys.getPrivate(), keys.getPublic(),
                    AlgorithmConstants.SIGALG_SHA1_WITH_RSA, true);
        } catch (CertificateEncodingException e) {
            throw new CertificateCreationException("Error encountered when creating certificate", e);
        } catch (IllegalStateException e) {
            throw new CertificateCreationException("Error encountered when creating certificate", e);
        } catch (OperatorCreationException e) {
            throw new CertificateCreationException("Error encountered when creating certificate", e);
        } catch (CertificateException e) {
            throw new CertificateCreationException("Error encountered when creating certificate", e);
        } catch (IOException e) {
            throw new CertificateCreationException("Error encountered when creating certificate", e);
        }
        if (log.isDebugEnabled()) {
            log.debug("Creates a self signed authentication certificate, fp="
                    + CertTools.getFingerprintAsString(certificate));
        }
    }
    // Add the credentials and new principal
    Set<X509Certificate> credentials = new HashSet<X509Certificate>();
    credentials.add(certificate);
    Set<X500Principal> principals = new HashSet<X500Principal>();
    principals.add(certificate.getSubjectX500Principal());
    // We cannot use the X509CertificateAuthenticationToken here, since it can only be used internally in a JVM.
    AuthenticationToken result = new TestX509CertificateAuthenticationToken(principals, credentials);
    return result;
}