SEC-1961: SubjectDnX509PrincipalExtractor supports CN as last segment

Rob Winch 2012-08-17 14:45:38 -05:00
parent 4fabe939d0
commit c2def26c3e


@ -17,7 +17,7 @@ import java.util.regex.Matcher;
* Obtains the principal from a certificate using a regular expression match against the Subject (as returned by a call * Obtains the principal from a certificate using a regular expression match against the Subject (as returned by a call
* to {@link X509Certificate#getSubjectDN()}). * to {@link X509Certificate#getSubjectDN()}).
* <p> * <p>
* The regular expression should contain a single group; for example the default expression "CN=(.?)," matches the * The regular expression should contain a single group; for example the default expression "CN=(.*?)(?:,|$)" matches the
* common name field. So "CN=Jimi Hendrix, OU=..." will give a user name of "Jimi Hendrix". * common name field. So "CN=Jimi Hendrix, OU=..." will give a user name of "Jimi Hendrix".
* <p> * <p>
* The matches are case insensitive. So "emailAddress=(.?)," will match "EMAILADDRESS=jimi@hendrix.org, CN=..." giving a * The matches are case insensitive. So "emailAddress=(.?)," will match "EMAILADDRESS=jimi@hendrix.org, CN=..." giving a
@ -33,7 +33,7 @@ public class SubjectDnX509PrincipalExtractor implements X509PrincipalExtractor {
private Pattern subjectDnPattern; private Pattern subjectDnPattern;
public SubjectDnX509PrincipalExtractor() { public SubjectDnX509PrincipalExtractor() {
setSubjectDnRegex("CN=(.*?),"); setSubjectDnRegex("CN=(.*?)(?:,|$)");
} }
public Object extractPrincipal(X509Certificate clientCert) { public Object extractPrincipal(X509Certificate clientCert) {
@ -64,7 +64,7 @@ public class SubjectDnX509PrincipalExtractor implements X509PrincipalExtractor {
* Sets the regular expression which will by used to extract the user name from the certificate's Subject * Sets the regular expression which will by used to extract the user name from the certificate's Subject
* DN. * DN.
* <p> * <p>
* It should contain a single group; for example the default expression "CN=(.?)," matches the common * It should contain a single group; for example the default expression "CN=(.*?)(?:,|$)" matches the common
* name field. So "CN=Jimi Hendrix, OU=..." will give a user name of "Jimi Hendrix". * name field. So "CN=Jimi Hendrix, OU=..." will give a user name of "Jimi Hendrix".
* <p> * <p>
* The matches are case insensitive. So "emailAddress=(.?)," will match "EMAILADDRESS=jimi@hendrix.org, * The matches are case insensitive. So "emailAddress=(.?)," will match "EMAILADDRESS=jimi@hendrix.org,
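Review bot: The new default `CN=(.*?)(?:,|$)` set in the constructor is still unanchored on the left, so with the case-insensitive matching the Javadoc describes it captures the first `CN=` substring found anywhere in the subject string, which is not necessarily the start of the CN attribute. If a CA ever issues a subject where an earlier attribute's value contains that text, or a CN whose value contains an escaped comma, the extracted principal would differ from the certificate's actual common name. Consider anchoring to an RDN boundary, e.g. `(?:^|,\s*)CN=(.*?)(?:,|$)`, or, more robustly, parsing the subject with `javax.naming.ldap.LdapName` and reading the CN attribute instead of using a regex. The `emailAddress=(.?),` example in both Javadoc blocks still requires a trailing comma and should get the same `(?:,|$)` ending so the documentation does not show the limitation this commit removes for CN. The body of `extractPrincipal` lies outside the visible hunks, so how a non-matching subject is handled cannot be checked from here.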