List of usage examples for javax.naming.ldap LdapName getRdns
public List<Rdn> getRdns()
From source file:fi.laverca.util.X509Util.java
/** * Parse the given RND type from the given certificate's subject * @param cert Certificate//from www. ja v a 2 s .c o m * @param rdnType RND type * @return parsed value as String */ public static String parseSubjectName(final X509Certificate cert, final String rdnType) { String dn = cert.getSubjectX500Principal().getName(); String name = null; try { LdapName ldapDn = new LdapName(dn); List<Rdn> rdns = ldapDn.getRdns(); for (Rdn r : rdns) { if (rdnType.equals(r.getType())) { name = r.getValue().toString(); } } } catch (InvalidNameException e) { log.error(e); } return name; }
From source file:ch.bfh.unicert.certimport.Main.java
/** * Create a certificate fot the given CSV record * * @param record the record to parse/*from www . j av a 2s . c om*/ * @throws InvalidNameException */ private static void createCertificate(CSVRecord record) throws InvalidNameException { int recordid = Integer.parseInt(record.get(0)); String pemCert = record.get(1); String institution = record.get(2); int revoked = Integer.parseInt(record.get(3)); if (revoked == 1) { System.out.println("Certficate " + recordid + " is revoked. Looking for next certificate..."); return; } String studyBranch = record.get(5); String uniqueId = record.get(6); String mail = record.get(8); CertificateFactory cf; X509Certificate cert; try { cf = CertificateFactory.getInstance("X.509"); cert = (X509Certificate) cf.generateCertificate(new ByteArrayInputStream(pemCert.getBytes())); } catch (CertificateException ex) { logger.log(Level.SEVERE, "Not able to read certificate for record {0}, exception: {1}", new Object[] { recordid, ex }); return; } DSAPublicKey pubKey = (DSAPublicKey) cert.getPublicKey(); String commonName = cert.getSubjectDN().getName(); LdapName ln = new LdapName(cert.getSubjectX500Principal().toString()); for (Rdn rdn : ln.getRdns()) { if (rdn.getType().equalsIgnoreCase("CN")) { commonName = (String) rdn.getValue(); break; } else if (rdn.getType().equalsIgnoreCase("UID")) { uniqueId = (String) rdn.getValue(); break; } else if (rdn.getType().equalsIgnoreCase("OU")) { studyBranch = (String) rdn.getValue(); break; } } IdentityData idData = new IdentityData(commonName, uniqueId, institution, studyBranch, null, null, null, null, null, "SwitchAAI", null); try { Certificate certificate = issuer.createClientCertificate(idData, keystorePath, pubKey, 10, "UniVote", new String[] { "Voter" }, uniBoardWSDLurl, uniBoardUrl, section); counter++; System.out.println("Certificate published for " + recordid + ". Count " + counter + " of 6424"); } catch (CertificateCreationException ex) { logger.log(Level.SEVERE, "Not able to create certificate for record {0}, exception: {1}", new Object[] { recordid, ex }); } }
From source file:com.newrelic.agent.deps.org.apache.http.conn.ssl.DefaultHostnameVerifier.java
static String extractCN(final String subjectPrincipal) throws SSLException { if (subjectPrincipal == null) { return null; }/* w w w . jav a 2 s .co m*/ try { final LdapName subjectDN = new LdapName(subjectPrincipal); final List<Rdn> rdns = subjectDN.getRdns(); for (int i = rdns.size() - 1; i >= 0; i--) { final Rdn rds = rdns.get(i); final Attributes attributes = rds.toAttributes(); final Attribute cn = attributes.get("cn"); if (cn != null) { try { final Object value = cn.get(); if (value != null) { return value.toString(); } } catch (NoSuchElementException ignore) { } catch (NamingException ignore) { } } } return null; } catch (InvalidNameException e) { throw new SSLException(subjectPrincipal + " is not a valid X500 distinguished name"); } }
From source file:eu.europa.ejusticeportal.dss.applet.model.token.CertificateDisplayUtils.java
/** * Parse an LDAP name/*from w w w. j a v a 2 s .c o m*/ * @param name the LDAP string * @return map of LDAP type/value */ private static Map<String, String> parseLdapName(String name) { Map<String, String> rdns = new HashMap<String, String>(); try { LdapName ldapName = new LdapName(name); for (Rdn rdn : ldapName.getRdns()) { rdns.put(rdn.getType(), rdn.getValue().toString()); } } catch (InvalidNameException e) { LOG.error("Error parsing the issuer name " + name, e); } return rdns; }
From source file:eu.europa.esig.dss.DSSASN1Utils.java
/** * This method can be removed the simple IssuerSerial verification can be * performed. In fact the hash verification is sufficient. * * @param generalNames//from www . ja v a2 s . c om * @return */ public static String getCanonicalizedName(final GeneralNames generalNames) { GeneralName[] names = generalNames.getNames(); TreeMap<String, String> treeMap = new TreeMap<String, String>(); for (GeneralName name : names) { String ldapString = String.valueOf(name.getName()); LOG.debug("ldapString to canonicalize: {} ", ldapString); try { LdapName ldapName = new LdapName(ldapString); List<Rdn> rdns = ldapName.getRdns(); for (final Rdn rdn : rdns) { treeMap.put(rdn.getType().toLowerCase(), String.valueOf(rdn.getValue()).toLowerCase()); } } catch (InvalidNameException e) { throw new DSSException(e); } } StringBuilder stringBuilder = new StringBuilder(); for (Entry<String, String> entry : treeMap.entrySet()) { stringBuilder.append(entry.getKey()).append('=').append(entry.getValue()).append('|'); } final String canonicalizedName = stringBuilder.toString(); LOG.debug("canonicalizedName: {} ", canonicalizedName); return canonicalizedName; }
From source file:io.personium.common.auth.token.TransCellAccessToken.java
/** * X509??./*from w w w .jav a2 s . co m*/ * @param privateKeyFileName ??? * @param certificateFileName ?? * @param rootCertificateFileNames ?? * @throws IOException IOException * @throws NoSuchAlgorithmException NoSuchAlgorithmException * @throws InvalidKeySpecException InvalidKeySpecException * @throws CertificateException CertificateException * @throws InvalidNameException InvalidNameException */ public static void configureX509(String privateKeyFileName, String certificateFileName, String[] rootCertificateFileNames) throws IOException, NoSuchAlgorithmException, InvalidKeySpecException, CertificateException, InvalidNameException { xmlSignatureFactory = XMLSignatureFactory.getInstance("DOM"); // Read RootCA Certificate x509RootCertificateFileNames = new ArrayList<String>(); if (rootCertificateFileNames != null) { for (String fileName : rootCertificateFileNames) { x509RootCertificateFileNames.add(fileName); } } // Read Private Key InputStream is = null; if (privateKeyFileName == null) { is = TransCellAccessToken.class.getClassLoader() .getResourceAsStream(X509KeySelector.DEFAULT_SERVER_KEY_PATH); } else { is = new FileInputStream(privateKeyFileName); } PEMReader privateKeyPemReader = new PEMReader(is); byte[] privateKeyDerBytes = privateKeyPemReader.getDerBytes(); PKCS1EncodedKeySpec keySpecRSAPrivateKey = new PKCS1EncodedKeySpec(privateKeyDerBytes); KeyFactory keyFactory = KeyFactory.getInstance("RSA"); privKey = keyFactory.generatePrivate(keySpecRSAPrivateKey.getKeySpec()); // Read Certificate if (certificateFileName == null) { is = TransCellAccessToken.class.getClassLoader() .getResourceAsStream(X509KeySelector.DEFAULT_SERVER_CRT_PATH); } else { is = new FileInputStream(certificateFileName); } PEMReader serverCertificatePemReader; serverCertificatePemReader = new PEMReader(is); byte[] serverCertificateBytesCert = serverCertificatePemReader.getDerBytes(); CertificateFactory cf = CertificateFactory.getInstance(X509KeySelector.X509KEY_TYPE); x509Certificate = (X509Certificate) cf .generateCertificate(new ByteArrayInputStream(serverCertificateBytesCert)); // Create the KeyInfo containing the X509Data KeyInfoFactory keyInfoFactory = xmlSignatureFactory.getKeyInfoFactory(); List x509Content = new ArrayList(); x509Content.add(x509Certificate.getSubjectX500Principal().getName()); x509Content.add(x509Certificate); X509Data xd = keyInfoFactory.newX509Data(x509Content); keyInfo = keyInfoFactory.newKeyInfo(Collections.singletonList(xd)); // Get FQDN from Certificate and set FQDN to PersoniumCoreUtils String dn = x509Certificate.getSubjectX500Principal().getName(); LdapName ln = new LdapName(dn); for (Rdn rdn : ln.getRdns()) { if (rdn.getType().equalsIgnoreCase("CN")) { PersoniumCoreUtils.setFQDN(rdn.getValue().toString()); break; } } // http://java.sun.com/developer/technicalArticles/xml/dig_signature_api/ }
From source file:fi.laverca.Pkcs1.java
/** * Get the signer CN. /*from w w w . j a va 2s . co m*/ * <p>Equivalent to calling getSignerCert and * then parsing out the CN from the certificate's Subject field. * @return Signer's CN or null if there's a problem. */ public String getSignerCn() { try { X509Certificate signerCert = this.getSignerCert(); String dn = signerCert.getSubjectX500Principal().getName(); String cn = null; try { LdapName ldapDn = new LdapName(dn); List<Rdn> rdns = ldapDn.getRdns(); for (Rdn r : rdns) { if ("CN".equals(r.getType())) { cn = r.getValue().toString(); } } } catch (InvalidNameException e) { log.warn("Invalid name", e); } return cn; } catch (Throwable t) { log.error("Failed to get Signer cert " + t.getMessage()); return null; } }
From source file:com.redhat.lightblue.rest.auth.jboss.CertLdapLoginModule.java
private String getLDAPAttribute(String certificatePrincipal, String searchAttribute) throws NamingException { String searchName = new String(); LdapName name = new LdapName(certificatePrincipal); for (Rdn rdn : name.getRdns()) { if (rdn.getType().equalsIgnoreCase(searchAttribute)) { searchName = (String) rdn.getValue(); break; }//from www. ja v a 2 s .c o m } return searchName; }
From source file:fi.laverca.Pkcs7.java
/** * Convenience method. Equivalent to calling getSignerCert and * then parsing out the CN from the certificate's Subject field. * @return Signer CN or null if there's a problem. *//* w w w .ja v a 2 s . c o m*/ public String getSignerCn() { try { X509Certificate signerCert = this.getSignerCert(); String dn = signerCert.getSubjectX500Principal().getName(); String cn = null; try { LdapName ldapDn = new LdapName(dn); List<Rdn> rdns = ldapDn.getRdns(); for (Rdn r : rdns) { if ("CN".equals(r.getType())) { cn = r.getValue().toString(); } } } catch (InvalidNameException e) { log.warn("Invalid name", e); } return cn; } catch (Throwable t) { log.error("Failed to get signer CN: " + t.getMessage()); return null; } }
From source file:edu.jhu.pha.vospace.oauth.AuthorizationServlet.java
private String checkCertificate(HttpServletRequest request) { java.security.cert.X509Certificate[] certs = (java.security.cert.X509Certificate[]) request .getAttribute("javax.servlet.request.X509Certificate"); if (null != certs) { if (certs[0] != null) { String dn = certs[0].getSubjectX500Principal().getName(); try { LdapName ldn = new LdapName(dn); Iterator<Rdn> rdns = ldn.getRdns().iterator(); String org = null, cn = null; while (rdns.hasNext()) { Rdn rdn = (Rdn) rdns.next(); if (rdn.getType().equalsIgnoreCase("O")) org = (String) rdn.getValue(); else if (rdn.getType().equalsIgnoreCase("CN")) cn = (String) rdn.getValue(); }// w w w.j a va2 s.com if (cn != null) { return cn; } else { logger.error("Error authenticating the user: cn not found in certificate."); throw new PermissionDeniedException("401 Unauthorized"); } } catch (javax.naming.InvalidNameException e) { } } } return null; }