public abstract class AbstractContextSource extends Object implements BaseLdapPathContextSource, InitializingBean

Abstract implementation of the ContextSource interface. By default, returns an authenticated DirContext implementation for both read-only and read-write operations. To have an anonymous environment created for read-only operations, set the anonymousReadOnly property to true.

Implementing classes need to implement getDirContextInstance(Hashtable) to create a DirContext instance of the desired type.

If an AuthenticationSource is set, this will be used for getting user principal and password for each new connection, otherwise a default one will be created using the specified userDn and password.

Note: When using implementations of this class outside of a Spring Context it is necessary to call afterPropertiesSet() when all properties are set, in order to finish up initialization.

See Also: LdapTemplate, DefaultDirObjectFactory, LdapContextSource, DirContextSource
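
Added example (not part of the Spring LDAP documentation): using the concrete subclass LdapContextSource outside a Spring context, with the explicit afterPropertiesSet() call described above, and getContext(principal, credentials) for a password check. The host, DNs, the LDAP_BIND_PASSWORD environment variable and the class name StandaloneBindCheck are assumptions made for illustration.

```java
import java.io.Console;
import javax.naming.directory.DirContext;
import org.springframework.ldap.AuthenticationException;
import org.springframework.ldap.core.support.LdapContextSource;
import org.springframework.ldap.support.LdapUtils;

public class StandaloneBindCheck {
    // Host, base DN, service account and LDAP_BIND_PASSWORD are placeholders.
    static LdapContextSource buildContextSource() {
        String servicePassword = System.getenv("LDAP_BIND_PASSWORD");
        if (servicePassword == null || servicePassword.isEmpty()) {
            throw new IllegalStateException("LDAP_BIND_PASSWORD is not set");
        }
        LdapContextSource source = new LdapContextSource();
        source.setUrl("ldaps://ldap.example.com:636");
        source.setBase("dc=example,dc=com");
        source.setUserDn("cn=svc-app,ou=services,dc=example,dc=com");
        source.setPassword(servicePassword);
        source.setAnonymousReadOnly(false); // read-only contexts also bind as the service account
        source.setPooled(false);            // leave the built-in JNDI pooling off
        source.afterPropertiesSet();        // required because no Spring context manages this object
        return source;
    }

    // Checks a user's password by binding as that user through getContext().
    static boolean authenticate(LdapContextSource source, String userDn, String password) {
        // A simple bind with an empty password is an unauthenticated bind
        // (RFC 4513) and may succeed, so reject it before contacting the server.
        if (userDn == null || userDn.isEmpty() || password == null || password.isEmpty()) {
            return false;
        }
        DirContext ctx = null;
        try {
            ctx = source.getContext(userDn, password);
            return true;
        } catch (AuthenticationException e) {
            return false; // the directory rejected the credentials
        } finally {
            LdapUtils.closeContext(ctx); // null-safe; releases the connection
        }
    }

    public static void main(String[] args) {
        Console console = System.console(); // null when stdin is not a terminal
        if (args.length != 1 || console == null) return; // expects <user-dn>, run from a terminal
        char[] pw = console.readPassword("Password: "); // null on end of input
        System.out.println(authenticate(buildContextSource(), args[0], pw == null ? null : new String(pw)));
    }
}
```

Errors other than rejected credentials (for example an unreachable server) propagate to the caller as other Spring LDAP exceptions, so an outage is not silently reported as a failed login.
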
Modifier and Type | Field and Description |
---|---|
protected String | password - Deprecated. Use getPassword() and setPassword(String) instead. |
static String | SUN_LDAP_POOLING_FLAG |
protected String | userDn - Deprecated. Use getUserDn() and setUserDn(String) instead. |
Constructor and Description |
---|
AbstractContextSource() |
Modifier and Type | Method and Description |
---|---|
void | afterPropertiesSet() - Checks that all necessary data is set and that there are no compatibility issues, after which the instance is initialized. |
String | assembleProviderUrlString(String[] ldapUrls) - Assemble a valid url String from all registered urls to add as PROVIDER_URL to the environment. |
protected DirContext | createContext(Hashtable<String,Object> environment) - Create a DirContext using the supplied environment. |
protected Hashtable<String,Object> | getAnonymousEnv() |
protected Hashtable<String,Object> | getAuthenticatedEnv(String principal, String credentials) |
AuthenticationSource | getAuthenticationSource() - Get the authentication source. |
LdapName | getBaseLdapName() - Get the base LDAP path as a LdapName. |
DistinguishedName | getBaseLdapPath() - Deprecated. DistinguishedName and associated classes and methods are deprecated as of 2.0. |
String | getBaseLdapPathAsString() - Get the base LDAP path as a String. |
DirContext | getContext(String principal, String credentials) - Gets a DirContext instance authenticated using the supplied principal and credentials. |
Class<?> | getContextFactory() - Get the context factory. |
protected abstract DirContext | getDirContextInstance(Hashtable<String,Object> environment) - Implement in subclass to create a DirContext of the desired type (e.g. |
Class<?> | getDirObjectFactory() - Get the DirObjectFactory to use. |
String | getPassword() - Gets the password (credentials) to use for getting authenticated contexts. |
DirContext | getReadOnlyContext() - Gets a read-only DirContext. |
DirContext | getReadWriteContext() - Gets a read-write DirContext instance. |
String[] | getUrls() - Get the urls of the LDAP servers. |
String | getUserDn() - Gets the user distinguished name (principal) to use for getting authenticated contexts. |
boolean | isAnonymousReadOnly() - Get whether an anonymous environment should be used for read-only operations. |
boolean | isPooled() - Get whether the pooling flag should be set. |
void | setAnonymousReadOnly(boolean anonymousReadOnly) - Set whether an anonymous environment should be used for read-only operations. |
void | setAuthenticationSource(AuthenticationSource authenticationSource) - Set the authentication source to use when retrieving user principal and credentials. |
void | setAuthenticationStrategy(DirContextAuthenticationStrategy authenticationStrategy) - Set the DirContextAuthenticationStrategy to use for preparing the environment and processing the created DirContext instances. |
void | setBase(String base) - Set the base suffix from which all operations should originate. |
void | setBaseEnvironmentProperties(Map<String,Object> baseEnvironmentProperties) - If any custom environment properties are needed, these can be set using this method. |
void | setCacheEnvironmentProperties(boolean cacheEnvironmentProperties) - Set whether environment properties should be cached between requests for anonymous environment. |
void | setContextFactory(Class<?> contextFactory) - Set the context factory. |
void | setDirObjectFactory(Class<?> dirObjectFactory) - Set the DirObjectFactory to use. |
void | setPassword(String password) - Set the password (credentials) to use for getting authenticated contexts. |
void | setPooled(boolean pooled) - Set whether the pooling flag should be set, enabling the built-in LDAP connection pooling. |
void | setReferral(String referral) - Set the method to handle referrals. |
protected void | setupAuthenticatedEnvironment(Hashtable<String,Object> env, String principal, String credentials) - Default implementation of setting the environment up to be authenticated. |
void | setUrl(String url) - Set the url of the LDAP server. |
void | setUrls(String[] urls) - Set the urls of the LDAP servers. |
void | setUserDn(String userDn) - Set the user distinguished name (principal) to use for getting authenticated contexts. |
@Deprecated protected String userDn
Deprecated. Use getUserDn() and setUserDn(String) instead.

@Deprecated protected String password
Deprecated. Use getPassword() and setPassword(String) instead.

public static final String SUN_LDAP_POOLING_FLAG

public DirContext getContext(String principal, String credentials)
Description copied from interface: ContextSource
Gets a DirContext instance authenticated using the supplied principal and credentials. Typically to be used for plain authentication purposes. Note that this method will never make use of native Java LDAP pooling, even though this instance is configured to do so. This is to force password changes in the target directory to take effect as soon as possible.
Specified by: getContext in interface ContextSource
Parameters:
principal - The principal (typically a distinguished name of a user in the LDAP tree) to use for authentication.
credentials - The credentials to use for authentication.
Returns: a DirContext instance, never null.

public DirContext getReadOnlyContext()
Description copied from interface: ContextSource
Gets a read-only DirContext. It must be possible to perform read-only operations on the returned DirContext.
Specified by: getReadOnlyContext in interface ContextSource

public DirContext getReadWriteContext()
Description copied from interface: ContextSource
Gets a read-write DirContext instance.
Specified by: getReadWriteContext in interface ContextSource
Returns: a DirContext instance, never null.

protected void setupAuthenticatedEnvironment(Hashtable<String,Object> env, String principal, String credentials)
Default implementation of setting the environment up to be authenticated.
DirContextAuthenticationStrategy on this instance.
Parameters:
env - the environment to modify.
principal - the principal to authenticate with.
credentials - the credentials to authenticate with.
See Also: DirContextAuthenticationStrategy, setAuthenticationStrategy(DirContextAuthenticationStrategy)

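public String assembleProviderUrlString(String[] ldapUrls)
Assemble a valid url String from all registered urls to add as PROVIDER_URL to the environment.
Parameters:
ldapUrls - all individual url Strings.

public void setBase(String base)
Set the base suffix from which all operations should originate.
Parameters:
base - the base suffix.

public DistinguishedName getBaseLdapPath()
Deprecated. DistinguishedName and associated classes and methods are deprecated as of 2.0.
Description copied from interface: BaseLdapPathSource
Get the base LDAP path as a DistinguishedName.
Specified by: getBaseLdapPath in interface BaseLdapPathSource
Returns: the base LDAP path as a DistinguishedName. The path will be empty if no base path is specified.

public LdapName getBaseLdapName()
Description copied from interface: BaseLdapPathSource
Get the base LDAP path as a LdapName.
Specified by: getBaseLdapName in interface BaseLdapPathSource
Returns: the base LDAP path as a LdapName. The path will be empty if no base path is specified.

public String getBaseLdapPathAsString()
Description copied from interface: BaseLdapPathSource
Get the base LDAP path as a String.
Specified by: getBaseLdapPathAsString in interface BaseLdapPathSource
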
protected DirContext createContext(Hashtable<String,Object> environment)
Create a DirContext using the supplied environment.
Parameters:
environment - the LDAP environment to use when creating the DirContext.

public void setContextFactory(Class<?> contextFactory)
Set the context factory.
Parameters:
contextFactory - the context factory used when creating Contexts.

public Class<?> getContextFactory()
Get the context factory.

public void setDirObjectFactory(Class<?> dirObjectFactory)
Set the DirObjectFactory to use. Default is DefaultDirObjectFactory. The specified class needs to be an implementation of javax.naming.spi.DirObjectFactory. Note: Setting this value to null may cause connection leaks when using ContextMapper methods in LdapTemplate.
Parameters:
dirObjectFactory - the DirObjectFactory to be used. Null means that no DirObjectFactory will be used.

public Class<?> getDirObjectFactory()
Get the DirObjectFactory to use.
Returns: null means that no DirObjectFactory will be used.

public void afterPropertiesSet()
Checks that all necessary data is set and that there are no compatibility issues, after which the instance is initialized.
Specified by: afterPropertiesSet in interface InitializingBean

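public void setPassword(String password)
Set the password (credentials) to use for getting authenticated contexts.
Parameters:
password - the password.

public String getPassword()
Gets the password (credentials) to use for getting authenticated contexts.

public void setUserDn(String userDn)
Set the user distinguished name (principal) to use for getting authenticated contexts.
Parameters:
userDn - the user distinguished name.

public String getUserDn()
Gets the user distinguished name (principal) to use for getting authenticated contexts.

public void setUrls(String[] urls)
Set the urls of the LDAP servers.
Parameters:
urls - the urls of all servers.

public String[] getUrls()
Get the urls of the LDAP servers.

public void setUrl(String url)
Set the url of the LDAP server.
Parameters:
url - the url of the LDAP server.

public void setPooled(boolean pooled)
Set whether the pooling flag should be set, enabling the built-in LDAP connection pooling. Default is false. The built-in LDAP connection pooling suffers from a number of deficiencies, e.g. no connection validation. Also, enabling this flag when using TLS connections will explicitly not work. Consider using the Spring LDAP PoolingContextSource as an alternative instead of enabling this flag.
Note that since LDAP pooling is system wide, full configuration of this needs to be done using system parameters as specified in the LDAP/JNDI documentation. Also note that pooling is done on a user DN basis, i.e. each individually authenticated connection will be pooled separately. This means that LDAP pooling will be most efficient using anonymous connections or connections authenticated using one single system user.
Parameters:
pooled - whether Contexts should be pooled.

public boolean isPooled()
Get whether the pooling flag should be set.
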
public void setBaseEnvironmentProperties(Map<String,Object> baseEnvironmentProperties)
If any custom environment properties are needed, these can be set using this method.
Parameters:
baseEnvironmentProperties - the base environment properties that should always be used when creating new Context instances.

protected Hashtable<String,Object> getAuthenticatedEnv(String principal, String credentials)

public void setAuthenticationSource(AuthenticationSource authenticationSource)
Set the authentication source to use when retrieving user principal and credentials.
Parameters:
authenticationSource - the AuthenticationSource that will provide user info.

public AuthenticationSource getAuthenticationSource()
Get the authentication source.
Returns: the AuthenticationSource that will provide user info.

public void setCacheEnvironmentProperties(boolean cacheEnvironmentProperties)
Set whether environment properties should be cached between requests for anonymous environment. Default is true; setting this property to false causes the environment Hashmap to be rebuilt from the current property settings of this instance between each request for an anonymous environment.
Parameters:
cacheEnvironmentProperties - true causes the anonymous environment properties to be cached, false causes the Hashmap to be rebuilt for each request.

public void setAnonymousReadOnly(boolean anonymousReadOnly)
Set whether an anonymous environment should be used for read-only operations. Default is false.
Parameters:
anonymousReadOnly - true if an anonymous environment should be used for read-only operations, false otherwise.

public boolean isAnonymousReadOnly()
Get whether an anonymous environment should be used for read-only operations.
Returns: true if an anonymous environment should be used for read-only operations, false otherwise.

public void setAuthenticationStrategy(DirContextAuthenticationStrategy authenticationStrategy)
Set the DirContextAuthenticationStrategy to use for preparing the environment and processing the created DirContext instances.
Parameters:
authenticationStrategy - the DirContextAuthenticationStrategy to use; default is SimpleDirContextAuthenticationStrategy.

public void setReferral(String referral)
Set the method to handle referrals.
Parameters:
referral - the value to set the system property Context.REFERRAL to, customizing the way that referrals are handled.

protected abstract DirContext getDirContextInstance(Hashtable<String,Object> environment) throws NamingException
Parameters:
environment - the environment to use when creating the instance.
Throws:
NamingException - if one is encountered when creating the instance.