IsX509CertificateSubject.java (Apache James 2.3.1)

File	Doc	Category	Size	Date	Package
IsX509CertificateSubject.java	API Doc	Apache James 2.3.1	3671	Fri Jan 12 12:56:32 GMT 2007	org.apache.james.transport.matchers.smime
IsX509CertificateSubject.java

/****************************************************************
 * Licensed to the Apache Software Foundation (ASF) under one   *
 * or more contributor license agreements.  See the NOTICE file *
 * distributed with this work for additional information        *
 * regarding copyright ownership.  The ASF licenses this file   *
 * to you under the Apache License, Version 2.0 (the            *
 * "License"); you may not use this file except in compliance   *
 * with the License.  You may obtain a copy of the License at   *
 *                                                              *
 *   http://www.apache.org/licenses/LICENSE-2.0                 *
 *                                                              *
 * Unless required by applicable law or agreed to in writing,   *
 * software distributed under the License is distributed on an  *
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY       *
 * KIND, either express or implied.  See the License for the    *
 * specific language governing permissions and limitations      *
 * under the License.                                           *
 ****************************************************************/

package org.apache.james.transport.matchers.smime;

import java.security.Principal;
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;

import javax.mail.MessagingException;

import org.apache.mailet.GenericMatcher;
import org.apache.mailet.Mail;

/**
 * <p>
 * Checks if the subject of a X509Certificate contains the supplied string. The
 * certificate is read from the specified mail attribute.
 * </p><p>
 * If the specified attribute contains more than one certificate the matcher matches if at
 * least one of the certificates contains the given string.
 * </p>
 * <p>
 * Configuration string:
 * <ul>
 * <li>mailAttribute;string</li>
 * </ul>
 * 
 */
public class IsX509CertificateSubject extends GenericMatcher {
    protected String sourceAttribute;
    protected String check;
    
    public void init() throws MessagingException {
        String condition = getCondition();
        if(condition == null || condition.indexOf(";") == -1) 
            throw new MessagingException("Invalid matcher configuration: "+condition);
        
        int pos = condition.indexOf(";");
        sourceAttribute = condition.substring(0,pos).trim();
        check = condition.substring(pos+1, condition.length());
    }
    
    public Collection match(Mail mail) throws MessagingException {
        List certificates;
        
        Object obj = mail.getAttribute(sourceAttribute);
        if (obj != null) {
            if (obj instanceof X509Certificate) {
                certificates = Collections.singletonList(obj);
            } else {
                certificates = (List) obj;
            }

            boolean valid = false;

            for (Iterator iter = certificates.iterator(); iter.hasNext();) {
                X509Certificate cert = (X509Certificate) iter.next();

                // Here I should use the method getSubjectX500Principal, but
                // that would break the compatibility with jdk13.
                Principal prin = cert.getSubjectDN();
                // TODO: Maybe here a more strong check should be done ...
                if ((prin.toString().indexOf(check)) > 0) {
                    valid = true;
                }
            }

            if (valid) {
                return mail.getRecipients();
            } else {
                return null;
            }
        } else {
            return null;
        }
    }

}