THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
| Distinguished Name | Mapping pattern | Mapping value | mapped name |
|---|---|---|---|
| CN=kafka-server1, OU=KAFKA | ^CN=(.?), OU=(.?)$ | $1 | kafka-server1 |
| CN=kafka1, OU=SME, O=mycp, L=Fulton, ST=MD, C=US | ^CN=(.?), OU=(.?), O=(.?), L=(.?), ST=(.?), C=(.?)$ | $1@$2 | kafka1@SME |
| cn=kafka1,ou=SME,dc=mycp,dc=com | ^cn=(.?),ou=(.?),dc=(.?),dc=(.?)$ | $1 | kaffka1 |
This is option supports single mapping pattern. This handles most of the common use cases.
Option 2:
...
| Code Block |
|---|
ssl.principal.mapping.rules= RULE:^CN=(.*?),OU=ServiceUsers.*$/$1/, RULE:^CN=(.*?), OU=(.*?), O=(.*?), L=(.*?), ST=(.*?), C=(.*?)$/$1@$2/, RULE:^cn=(.?),ou=(.?),dc=(.?),dc=(.?)$/$1@$2/L, RULE:^.*[Cc][Nn]=([a-zA-Z0-9.]*).*$/$1/L, DEFAULT |
This is option support supports multiple mapping patterns. This can handle few more scenarios than Option 1.
...