Got It! Opening eclipse..
Thanks,
Francisco
Pablo Mosquera Saenz wrote:
Its not supported by CAS. Marvid opened an issue on jira about using
regular expressions.
I solved the problem extending the class with another property:
<!-- DNIe Resolver -->
<bean
class="se.gu.cas.X509RegexpCertificateCredentialsToIdentifierPrincipalResolver">
<property name="identifier" value="$SERIALNUMBER" />
</bean>
<!-- FNMT Resolver -->
<bean
class="se.gu.cas.X509RegexpCertificateCredentialsToIdentifierPrincipalResolver">
<property name="identifier" value="$CN" />
<property name="regexp" value="CIF ([A-Z]\d{8})|NIF (\d{8}[A-Z])" />
</bean>
In my own class I parse the content of the identifier
Hope this helps you.
Pablo
2010/3/11 Francisco Estanqueiro <[email protected]
<mailto:[email protected]>>
Thats what I'm going to do if there's no way I can filter the
attributes in deployerConfigContext.xml.
Thanks for the suggestion.
Francisco
Joachim Fritschi wrote:
Hi,
How about writing a class similar to the
X509CertificateCredentialsToSerialNumberPrincipalResolver
that extends the
AbstractX509CertificateCredentialsToPrincipalResolver
and simply chopping of the chars you want to ignore before
returning the string in the resolvePrincipalInternal() function?
Regards,
Joachim
Francisco Estanqueiro schrieb:
Anyone?
Francisco Estanqueiro wrote:
Hello everyone,
I would like to know if there's a way for me to remove
characters from an attribute from an X509 Certificate
and match it with an LDAP attribute. My config is:
Attribute from X509: <property name="identifier"
value="$SERIALNUMBER" />
Attribute to Match: <property name="filter"
value="description=%u" />
This works beautifully if they are the same.. but my
problem is I want to ignore the first two and the last
characters from $SERIALNUMBER and then match it with
the ldap attribute "description".
Example:
$SERIALNUMBER: XX123123123X
description: 123123123
Its possible?
Thanks,
Francisco
--
You are currently subscribed to [email protected]
<mailto:[email protected]> as: [email protected]
<mailto:[email protected]>
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
