com.googlecode.fascinator.authentication.ldap

Class LdapAuthenticationHandler

java.lang.Object

com.googlecode.fascinator.authentication.ldap.LdapAuthenticationHandler

public class LdapAuthenticationHandler
extends Object

Very simple LDAP authentication Handler

Author:

Oliver Lucido and, Richard Hammond, Mike Jones, Shilo Banihit

Constructor Summary

Constructors

Constructor and Description
LdapAuthenticationHandler(String baseUrl, String baseDn, String ldapSecurityPrincipal, String ldapSecurityCredentials) Creates an LDAP authenticator for the specified server and base DN, using the default identifier attribute "uid"
LdapAuthenticationHandler(String baseUrl, String baseDn, String ldapSecurityPrincipal, String ldapSecurityCredentials, String ldapRoleAttr, String idAttr) Creates an LDAP authenticator for the specified server, base DN and given identifier attribute
LdapAuthenticationHandler(String baseUrl, String baseDn, String ldapSecurityPrincipal, String ldapSecurityCredentials, String ldapRoleAttr, String idAttr, Map<String,List<String>> ldapRolesMap) Creates an LDAP authenticator for the specified server, base DN and given identifier attribute
LdapAuthenticationHandler(String baseUrl, String baseDn, String ldapSecurityPrincipal, String ldapSecurityCredentials, String ldapRoleAttr, String idAttr, String filterPrefix, String filterSuffix, Map<String,List<String>> ldapRolesMap) Creates an LDAP authenticator for the specified server, base DN and given identifier attribute

Method Summary

Methods

Modifier and Type	Method and Description
boolean	authenticate(String username, String password) Tries to authenticate user by using default settings, otherwise searches for the DN of the user
List<String>	getAllAttrs(String username, String attrName) Tries to find the value(s) of the given attribute.
List<Map<String,List<String>>>	getAllAttrValues(String[] term, String searchString) Performs an LDAP search using the search string and the term(s).
String	getAttr(String username, String attrName) Tries to find the value of the given attribute.
List<Map<String,String>>	getAttrs(String username, List<String> attrNames) Retrieves the attributes for this user.
List<String>	getRoles(String username) Get the list of roles that the user is a member of.
boolean	testIfInObjectClass(String username, String testSubj) Searches through the role attribute values and tries to match the given string.
void	useSystemCred() Reverts credentials to use system's rather than the currently logged in user.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

LdapAuthenticationHandler

public LdapAuthenticationHandler(String baseUrl,
                         String baseDn,
                         String ldapSecurityPrincipal,
                         String ldapSecurityCredentials)

Creates an LDAP authenticator for the specified server and base DN, using the default identifier attribute "uid"

Parameters:

baseUrl - LDAP server URL

baseDn - LDAP base DN

LdapAuthenticationHandler

public LdapAuthenticationHandler(String baseUrl,
                         String baseDn,
                         String ldapSecurityPrincipal,
                         String ldapSecurityCredentials,
                         String ldapRoleAttr,
                         String idAttr)

Creates an LDAP authenticator for the specified server, base DN and given identifier attribute

Parameters:

baseUrl - LDAP server URL

baseDn - LDAP base DN

ldapSecurityPrincipal - LDAP Security Principal

ldapSecurityCredentials - Credentials for Security Principal

ldapRoleAttr - Name of the LDAP attribute that defines the role

idAttr - LDAP user identifier attribute

LdapAuthenticationHandler

public LdapAuthenticationHandler(String baseUrl,
                         String baseDn,
                         String ldapSecurityPrincipal,
                         String ldapSecurityCredentials,
                         String ldapRoleAttr,
                         String idAttr,
                         Map<String,List<String>> ldapRolesMap)

Creates an LDAP authenticator for the specified server, base DN and given identifier attribute

Parameters:

baseUrl - LDAP server URL

baseDn - LDAP base DN

ldapSecurityPrincipal - LDAP Security Principal

ldapSecurityCredentials - Credentials for Security Principal

ldapRoleAttr - Name of the LDAP attribute that defines the role

idAttr - LDAP user identifier attribute

ldapRolesMap - Maps relevant LDAP roles to Fascinator roles

LdapAuthenticationHandler

public LdapAuthenticationHandler(String baseUrl,
                         String baseDn,
                         String ldapSecurityPrincipal,
                         String ldapSecurityCredentials,
                         String ldapRoleAttr,
                         String idAttr,
                         String filterPrefix,
                         String filterSuffix,
                         Map<String,List<String>> ldapRolesMap)

Creates an LDAP authenticator for the specified server, base DN and given identifier attribute

Parameters:

baseUrl - LDAP server URL

baseDn - LDAP base DN

ldapSecurityPrincipal - LDAP Security Principal

ldapSecurityCredentials - Credentials for Security Principal

ldapRoleAttr - Name of the LDAP attribute that defines the role

idAttr - LDAP user identifier attribute

ldapRolesMap - Maps relevant LDAP roles to Fascinator roles

Method Detail

authenticate

public boolean authenticate(String username,
                   String password)

Tries to authenticate user by using default settings, otherwise searches for the DN of the user

Parameters:

username - a username

password - a password

Returns:

true if authentication was successful, false otherwise

getAttr

public String getAttr(String username,
             String attrName)

Tries to find the value of the given attribute. Note that this method only uses the first search result.

Parameters:

username - a username

attrName - the name of the attribute to find

Returns:

the value of the attribute, or an empty string

getAllAttrs

public List<String> getAllAttrs(String username,
                       String attrName)

Tries to find the value(s) of the given attribute. Note that this method uses all search results.

Parameters:

username - a username

attrName - the name of the attribute to find

Returns:

a list of values for the attribute, or an empty list

getAttrs

public List<Map<String,String>> getAttrs(String username,
                                List<String> attrNames)

Retrieves the attributes for this user.

Parameters:

username -

attrNames - - List of attributes to retrieve from search results

Returns:

List of maps with attributes as key name

testIfInObjectClass

public boolean testIfInObjectClass(String username,
                          String testSubj)

Searches through the role attribute values and tries to match the given string.

Parameters:

username - a username

testSubj - the string to look for

Returns:

true if string was found false otherwise

getRoles

public List<String> getRoles(String username)

Get the list of roles that the user is a member of. Maps LDAP roles to Fascinator roles.

Parameters:

username - The username that identifies the user

Returns:

A list of Fascinator role names

getAllAttrValues

public List<Map<String,List<String>>> getAllAttrValues(String[] term,
                                              String searchString)

Performs an LDAP search using the search string and the term(s). The search string should be of String.format(). Returns a list of

Parameters:

term - - array of values to replace on search string

searchString - - must be of String.format()

Returns:

a list of maps of the attribute. Each attribute in the map contains a list of vales.

useSystemCred

public void useSystemCred()

Reverts credentials to use system's rather than the currently logged in user.