hudson.plugins.active_directory

Class ActiveDirectorySecurityRealm.DesciprotrImpl

java.lang.Object

hudson.model.Descriptor<hudson.security.SecurityRealm>

hudson.plugins.active_directory.ActiveDirectorySecurityRealm.DesciprotrImpl

All Implemented Interfaces:

hudson.model.Saveable

Enclosing class:

ActiveDirectorySecurityRealm

@Extension
public static final class ActiveDirectorySecurityRealm.DesciprotrImpl
extends hudson.model.Descriptor<hudson.security.SecurityRealm>

Nested Class Summary

Nested classes/interfaces inherited from class hudson.model.Descriptor

hudson.model.Descriptor.FormException, hudson.model.Descriptor.PropertyType

Field Summary

Fields inherited from class hudson.model.Descriptor

clazz

Fields inherited from interface hudson.model.Saveable

NOOP

Constructor Summary

Constructors

Constructor and Description
ActiveDirectorySecurityRealm.DesciprotrImpl()

Method Summary

Methods

Modifier and Type	Method and Description
DirContext	bind(String principalName, String password, List<SocketInfo> ldapServers) Binds to the server using the specified username/password.
boolean	canDoNativeAuth() If true, we can do ADSI/COM based look up that's far more reliable.
DirContext	createDNSLookupContext() Creates DirContext for accesssing DNS.
hudson.util.FormValidation	doValidate(String domain, String site, String bindName, String bindPassword, String server)
String	getDisplayName()
String	getHelpFile()
List<SocketInfo>	obtainLDAPServer(DirContext ictx, String domainName, String site, String preferredServers) Use DNS and obtains the LDAP servers that we should try.
List<SocketInfo>	obtainLDAPServer(String domainName, String site, String preferredServer)

Methods inherited from class hudson.model.Descriptor

addHelpFileRedirect, calcAutoCompleteSettings, calcFillSettings, configure, configure, doHelp, find, find, getCheckUrl, getConfigFile, getConfigPage, getDescriptorUrl, getGlobalConfigPage, getGlobalPropertyType, getHelpFile, getHelpFile, getId, getJsonSafeClassName, getPlugin, getPropertyType, getPropertyType, getViewPage, isInstance, isSubTypeOf, load, newInstance, newInstance, newInstancesFromHeteroList, newInstancesFromHeteroList, save, toArray, toList, toMap

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

ActiveDirectorySecurityRealm.DesciprotrImpl

public ActiveDirectorySecurityRealm.DesciprotrImpl()

Method Detail

getDisplayName

public String getDisplayName()

Specified by:

getDisplayName in class hudson.model.Descriptor<hudson.security.SecurityRealm>

getHelpFile

public String getHelpFile()

Overrides:

getHelpFile in class hudson.model.Descriptor<hudson.security.SecurityRealm>

canDoNativeAuth

public boolean canDoNativeAuth()

If true, we can do ADSI/COM based look up that's far more reliable. False if we need to do the authentication in pure Java via ActiveDirectoryUnixAuthenticationProvider

doValidate

public hudson.util.FormValidation doValidate(@QueryParameter(fixEmpty=true)
                                    String domain,
                                    @QueryParameter(fixEmpty=true)
                                    String site,
                                    @QueryParameter(fixEmpty=true)
                                    String bindName,
                                    @QueryParameter(fixEmpty=true)
                                    String bindPassword,
                                    @QueryParameter(fixEmpty=true)
                                    String server)
                                      throws IOException,
                                             javax.servlet.ServletException,
                                             NamingException

Throws:

IOException

javax.servlet.ServletException

NamingException

bind

public DirContext bind(String principalName,
              String password,
              List<SocketInfo> ldapServers)

Binds to the server using the specified username/password.

In a real deployment, often there are servers that don't respond or otherwise broken, so try all the servers.

createDNSLookupContext

public DirContext createDNSLookupContext()
                                  throws NamingException

Creates DirContext for accesssing DNS.

Throws:

NamingException

obtainLDAPServer

public List<SocketInfo> obtainLDAPServer(String domainName,
                                String site,
                                String preferredServer)
                                  throws NamingException

Throws:

NamingException

obtainLDAPServer

public List<SocketInfo> obtainLDAPServer(DirContext ictx,
                                String domainName,
                                String site,
                                String preferredServers)
                                  throws NamingException

Use DNS and obtains the LDAP servers that we should try.

Parameters:

preferredServers - If non-null, these servers are reported instead of doing the discovery. In previous versions, this was simply added on top of the auto-discovered list, but this option is useful when you have many domain controllers (because a single mistyped password can cause an authentication attempt with every listed server, which can lock the user out!) This also puts this feature in alignment with ActiveDirectorySecurityRealm.DOMAIN_CONTROLLERS, which seems to indicate that there are users who prefer this behaviour.

Returns:

A list with at least one item.

Throws:

NamingException