The RACFUserid class can be used in conjunction with the CICS® Transaction Gateway security exit to map an ECI request to a RACF® user ID, based on the distinguished name in the SSL client certificate. The class has the following methods:
RACFUserid myUseridObject = new RACFUserid(myCertificate);
This creates an object and automatically populates it with certificate data, without needing to call the setCertificate(byte[] clientCertificateData); method. When the object has been created, the getRACFUserid() method can be used to make a native RACF call to determine the user ID associated with the certificate data. If successful, it returns a string containing the user ID.
The SSLServerCompression.java class in the <install_path>⁄samples⁄java⁄com⁄ibm⁄ctg⁄samples⁄security subdirectory shows an example of how to use the RACFUserid class.
For more information on the com.ibm.ctg.util.RACFUserid class, see Class RACFUserid.