com.googlecode.fascinator.authentication.ldap

Class LDAPAuthentication

java.lang.Object

com.googlecode.fascinator.authentication.ldap.LDAPAuthentication

All Implemented Interfaces:

com.googlecode.fascinator.api.authentication.Authentication, com.googlecode.fascinator.api.Plugin

public class LDAPAuthentication
extends Object
implements com.googlecode.fascinator.api.authentication.Authentication

This plugin is a sample plugin on how to manage authentication against an ldap server.

Configuration

Standard configuration table:

Option	Description	Required	Default
ldap/baseURL	URL of the LDAP server	Yes	ldap://ldap.uq.edu.au:389
ldap/baseDN	The base Distinguished Name to search under	Yes	ou=people,o=The University of Queensland,c=AU
ldap/ldapSecurityPrincipal	Security Principal for non-anonymous binding	Yes	cn=JohnDoe,ou=Sample Account,dc=sample,dc=edu,dc=au
ldap/ldapSecurityCredentials	Credentials for ldapSecurityPrincipal	Yes	*******
ldap/idAttribute	The name of the attribute for which the username will be searched under	Yes	uid
ldap/ldapRoleAttribute	The name of the LDAP attribute that contains the role values	No	objectClass

Examples

1. Using Internal authentication plugin in The Fascinator

       "authentication": {
               "type": "ldap",
               "ldap": {
                   "baseURL": "ldap://ldap.uq.edu.au:389",
                   "baseDN": "ou=people,o=The University of Queensland,c=AU",
                   "ldapSecurityPrincipal": "cn=SomeName,ou=SomeOrgUnit,dn=sample,dn=edu,dn=au",
                   "ldapSecurityCredentials": "********",
                   "baseDN": "ou=people,o=The University of Queensland,c=AU",
                   "idAttribute": "uid"
                   "ldapRoleAttribute": "objectClass",
               }
           }
    

Wiki Link

None

Author:

Greg Pendlebury and, Richard Hammond and, Shilo Banihit

Constructor Summary

Constructors

Constructor and Description
LDAPAuthentication()

Method Summary

Methods

Modifier and Type	Method and Description
void	changePassword(String username, String password) A simplified method alternative to modifyUser() if the implementing class wants to just allow password changes.
com.googlecode.fascinator.api.authentication.User	createUser(String username, String password) Create a user.
void	deleteUser(String username) Delete a user.
String	describeUser() Describe the metadata the implementing class needs/allows for a user.
String	getId()
String	getName()
com.googlecode.fascinator.api.PluginDescription	getPluginDetails() Gets a PluginDescription object relating to this plugin.
com.googlecode.fascinator.api.authentication.User	getUser(String username) Returns a User object if the implementing class supports user queries without authentication.
void	init(File jsonFile)
void	init(String jsonString) Initialisation of LDAP Authentication plugin
com.googlecode.fascinator.api.authentication.User	logIn(String username, String password) Tests the user's username/password validity.
void	logOut(com.googlecode.fascinator.api.authentication.User user) Optional logout method if the implementing class wants to do any post-processing.
com.googlecode.fascinator.api.authentication.User	modifyUser(String username, String property, boolean newValue)
com.googlecode.fascinator.api.authentication.User	modifyUser(String username, String property, int newValue)
com.googlecode.fascinator.api.authentication.User	modifyUser(String username, String property, String newValue) Modify one of the user's properties.
List<com.googlecode.fascinator.api.authentication.User>	searchUsers(String search) Returns a list of users matching the search.
void	shutdown()
boolean	supportsUserManagement() Method for testing if the implementing plugin allows the creation, deletion and modification of users.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

LDAPAuthentication

public LDAPAuthentication()

Method Detail

getId

public String getId()

Specified by:

getId in interface com.googlecode.fascinator.api.Plugin

getName

public String getName()

Specified by:

getName in interface com.googlecode.fascinator.api.Plugin

getPluginDetails

public com.googlecode.fascinator.api.PluginDescription getPluginDetails()

Gets a PluginDescription object relating to this plugin.

Specified by:

getPluginDetails in interface com.googlecode.fascinator.api.Plugin

Returns:

a PluginDescription

init

public void init(String jsonString)
          throws com.googlecode.fascinator.api.authentication.AuthenticationException

Initialisation of LDAP Authentication plugin

Specified by:

init in interface com.googlecode.fascinator.api.Plugin

Throws:

com.googlecode.fascinator.api.authentication.AuthenticationException - if fails to initialise

init

public void init(File jsonFile)
          throws com.googlecode.fascinator.api.authentication.AuthenticationException

Specified by:

init in interface com.googlecode.fascinator.api.Plugin

Throws:

com.googlecode.fascinator.api.authentication.AuthenticationException

shutdown

public void shutdown()
              throws com.googlecode.fascinator.api.authentication.AuthenticationException

Specified by:

shutdown in interface com.googlecode.fascinator.api.Plugin

Throws:

com.googlecode.fascinator.api.authentication.AuthenticationException

logIn

public com.googlecode.fascinator.api.authentication.User logIn(String username,
                                                      String password)
                                                        throws com.googlecode.fascinator.api.authentication.AuthenticationException

Tests the user's username/password validity.

Specified by:

logIn in interface com.googlecode.fascinator.api.authentication.Authentication

Parameters:

username - The username of the user logging in.

password - The password of the user logging in.

Returns:

A user object for the newly logged in user.

Throws:

com.googlecode.fascinator.api.authentication.AuthenticationException - if there was an error logging in.

logOut

public void logOut(com.googlecode.fascinator.api.authentication.User user)
            throws com.googlecode.fascinator.api.authentication.AuthenticationException

Optional logout method if the implementing class wants to do any post-processing.

Specified by:

logOut in interface com.googlecode.fascinator.api.authentication.Authentication

Parameters:

username - The username of the logging out user.

Throws:

com.googlecode.fascinator.api.authentication.AuthenticationException - if there was an error logging out.

supportsUserManagement

public boolean supportsUserManagement()

Method for testing if the implementing plugin allows the creation, deletion and modification of users.

Specified by:

supportsUserManagement in interface com.googlecode.fascinator.api.authentication.Authentication

Returns:

true/false reponse.

describeUser

public String describeUser()

Describe the metadata the implementing class needs/allows for a user. TODO: This is a placeholder of possible later SQUIRE integration.

Specified by:

describeUser in interface com.googlecode.fascinator.api.authentication.Authentication

Returns:

TODO: possibly a JSON string.

createUser

public com.googlecode.fascinator.api.authentication.User createUser(String username,
                                                           String password)
                                                             throws com.googlecode.fascinator.api.authentication.AuthenticationException

Create a user.

Specified by:

createUser in interface com.googlecode.fascinator.api.authentication.Authentication

Parameters:

username - The username of the new user.

password - The password of the new user.

Returns:

A user object for the newly created in user.

Throws:

com.googlecode.fascinator.api.authentication.AuthenticationException - if there was an error creating the user.

deleteUser

public void deleteUser(String username)
                throws com.googlecode.fascinator.api.authentication.AuthenticationException

Delete a user.

Specified by:

deleteUser in interface com.googlecode.fascinator.api.authentication.Authentication

Parameters:

username - The username of the user to delete.

Throws:

com.googlecode.fascinator.api.authentication.AuthenticationException - if there was an error during deletion.

changePassword

public void changePassword(String username,
                  String password)
                    throws com.googlecode.fascinator.api.authentication.AuthenticationException

A simplified method alternative to modifyUser() if the implementing class wants to just allow password changes.

Specified by:

changePassword in interface com.googlecode.fascinator.api.authentication.Authentication

Parameters:

username - The user changing their password.

password - The new password for the user.

Throws:

com.googlecode.fascinator.api.authentication.AuthenticationException - if there was an error changing the password.

modifyUser

public com.googlecode.fascinator.api.authentication.User modifyUser(String username,
                                                           String property,
                                                           String newValue)
                                                             throws com.googlecode.fascinator.api.authentication.AuthenticationException

Modify one of the user's properties. Available properties should match up with the return value of describeUser().

Specified by:

modifyUser in interface com.googlecode.fascinator.api.authentication.Authentication

Parameters:

username - The user being modified.

property - The user property being modified.

newValue - The new value to be assigned to the property.

Returns:

An updated user object for the modifed user.

Throws:

com.googlecode.fascinator.api.authentication.AuthenticationException - if there was an error during modification.

modifyUser

public com.googlecode.fascinator.api.authentication.User modifyUser(String username,
                                                           String property,
                                                           int newValue)
                                                             throws com.googlecode.fascinator.api.authentication.AuthenticationException

Specified by:

modifyUser in interface com.googlecode.fascinator.api.authentication.Authentication

Throws:

com.googlecode.fascinator.api.authentication.AuthenticationException

modifyUser

public com.googlecode.fascinator.api.authentication.User modifyUser(String username,
                                                           String property,
                                                           boolean newValue)
                                                             throws com.googlecode.fascinator.api.authentication.AuthenticationException

Specified by:

modifyUser in interface com.googlecode.fascinator.api.authentication.Authentication

Throws:

com.googlecode.fascinator.api.authentication.AuthenticationException

getUser

public com.googlecode.fascinator.api.authentication.User getUser(String username)
                                                          throws com.googlecode.fascinator.api.authentication.AuthenticationException

Returns a User object if the implementing class supports user queries without authentication.

Specified by:

getUser in interface com.googlecode.fascinator.api.authentication.Authentication

Parameters:

username - The username of the user required.

Returns:

An user object of the requested user.

Throws:

com.googlecode.fascinator.api.authentication.AuthenticationException - if there was an error retrieving the object.

searchUsers

public List<com.googlecode.fascinator.api.authentication.User> searchUsers(String search)
                                                                    throws com.googlecode.fascinator.api.authentication.AuthenticationException

Returns a list of users matching the search.

Specified by:

searchUsers in interface com.googlecode.fascinator.api.authentication.Authentication

Parameters:

search - The search string to execute.

Returns:

A list of usernames (String) that match the search.

Throws:

com.googlecode.fascinator.api.authentication.AuthenticationException - if there was an error searching.