diff --git a/web/src/main/java/org/springframework/security/web/authentication/preauth/x509/SubjectDnX509PrincipalExtractor.java b/web/src/main/java/org/springframework/security/web/authentication/preauth/x509/SubjectDnX509PrincipalExtractor.java
index 0bb097cd61..6a3a24522f 100644
--- a/web/src/main/java/org/springframework/security/web/authentication/preauth/x509/SubjectDnX509PrincipalExtractor.java
+++ b/web/src/main/java/org/springframework/security/web/authentication/preauth/x509/SubjectDnX509PrincipalExtractor.java
@@ -17,7 +17,7 @@ import java.util.regex.Matcher;
 * Obtains the principal from a certificate using a regular expression match against the Subject (as returned by a call
 * to {@link X509Certificate#getSubjectDN()}).
 *
- * The regular expression should contain a single group; for example the default expression "CN=(.?)," matches the
+ * The regular expression should contain a single group; for example the default expression "CN=(.*?)(?:,|$)" matches the
 * common name field. So "CN=Jimi Hendrix, OU=..." will give a user name of "Jimi Hendrix".
 *
* The matches are case insensitive. So "emailAddress=(.?)," will match "EMAILADDRESS=jimi@hendrix.org, CN=..." giving a
@@ -33,7 +33,7 @@ public class SubjectDnX509PrincipalExtractor implements X509PrincipalExtractor {
 private Pattern subjectDnPattern;
 public SubjectDnX509PrincipalExtractor() {
- setSubjectDnRegex("CN=(.*?),");
+ setSubjectDnRegex("CN=(.*?)(?:,|$)");
 }
 public Object extractPrincipal(X509Certificate clientCert) {
@@ -64,7 +64,7 @@ public class SubjectDnX509PrincipalExtractor implements X509PrincipalExtractor {
 * Sets the regular expression which will by used to extract the user name from the certificate's Subject
 * DN.
 *
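Review bot: The context line directly after the corrected sentence still gives the e-mail example as `"emailAddress=(.?),"`, where `(.?)` captures at most one character and so cannot yield "jimi@hendrix.org" from the sample subject. It also still requires a trailing comma, which is the limitation this commit removes from the default. I would change the example to `"emailAddress=(.*?)(?:,|$)"` so it agrees with the documented result and with the new default's form. The same stale example sits in the `setSubjectDnRegex` Javadoc in the third hunk (`@@ -64,7 +64,7 @@`), where "will by used" should also read "will be used".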
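Review bot: The new default `CN=(.*?)(?:,|$)` set in the constructor is still not anchored on the left, so if the pattern is applied with a substring search it can pick up the text `CN=` inside another attribute's value rather than the common-name RDN, and the principal would then come from a field the issuing CA may check less strictly. Anchoring to an RDN boundary, `setSubjectDnRegex("(?:^|,\\s*)CN=(.*?)(?:,|$)");`, keeps the single capturing group and narrows that gap. The lazy match also ends at the first comma even when it is an escaped comma inside the CN value, so parsing the subject with `javax.naming.ldap.LdapName` and reading the CN RDN would be more robust than any regex default. How the pattern is applied is decided in `extractPrincipal`, whose body lies outside this hunk, so the first point should be confirmed there.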
- * It should contain a single group; for example the default expression "CN=(.?)," matches the common
+ * It should contain a single group; for example the default expression "CN=(.*?)(?:,|$)" matches the common
 * name field. So "CN=Jimi Hendrix, OU=..." will give a user name of "Jimi Hendrix".
 *
* The matches are case insensitive. So "emailAddress=(.?)," will match "EMAILADDRESS=jimi@hendrix.org,