3171 2005-04-14 13:32 add RFC 2253 principal name to JAAS subject? 2006-10-11 15:37:20 1 1 1 Unclassified Java WS Security Authentication 4.0.3 PC Linux NEW P3 enhancement --- 1 tfreeman@mcs.anl.gov ranantha@mcs.anl.gov gawor@mcs.anl.gov tfreeman@mcs.anl.gov 2005-04-14 13:32:45 With the X500Principal class, it is possible to obtain a RFC 2253 compliant DN. Perhaps it would be useful to introduce a convenience method to service/authz programmers (S.Meder suggests to add it to the JAAS subject) and maybe even to eventually introduce this as an available way to represent DNs in gridmap files etc. import javax.security.auth.x500.X500Principal X509Certificate userx509 = null; // get userx509 X500Principal userx500 = userx509.getIssuerX500Principal(); subjectName = userx500.getName(); tfreeman@mcs.anl.gov 2005-04-14 15:50:45 The Shibboleth integration will use this form: getName(X500Principal.CANONICAL) gawor@mcs.anl.gov 2005-04-14 17:51:13 Would string representation of the DN in RFC 2253 format be ok?