org.springframework.ldap.core.support

Interface DirContextAuthenticationStrategy

All Known Implementing Classes:

AbstractTlsDirContextAuthenticationStrategy, DefaultTlsDirContextAuthenticationStrategy, DigestMd5DirContextAuthenticationStrategy, ExternalTlsDirContextAuthenticationStrategy, SimpleDirContextAuthenticationStrategy

public interface DirContextAuthenticationStrategy

A strategy to use when authenticating LDAP connections on creation. When authenticating LDAP connections different strategies are needed depending on the authentication mechanism used. Furthermore, depending on the mechanism the work to be done needs to be applied at different stages of the DirContext creation process. A DirContextAuthenticationStrategy contains the logic to perform a particular type of authentication mechanism and will be called by its ContextSource at appropriate stages of the process.

Author:

Mattias Hellborg Arthursson

Method Summary

Modifier and Type	Method and Description
DirContext	processContextAfterCreation(DirContext ctx, String userDn, String password) This method is responsible for post-processing the DirContext instance after it has been created.
void	setupEnvironment(Hashtable<String,Object> env, String userDn, String password) This method is responsible for preparing the environment to be used when creating the DirContext instance.

Method Detail

setupEnvironment

void setupEnvironment(Hashtable<String,Object> env,
                      String userDn,
                      String password)
               throws NamingException

This method is responsible for preparing the environment to be used when creating the DirContext instance. The base environment (including URL, ContextFactory etc. will already be set, and this method is called just before the actual Context is to be created.

Parameters:

env - The Hashtable to be sent to the DirContext instance on initialization. Pre-configured with the basic settings; the implementation of this method is responsible for manipulating the environment as appropriate for the particular authentication mechanism.

userDn - the user DN to authenticate, as received from the AuthenticationSource of the ContextSource.

password - the password to authenticate with, as received from the AuthenticationSource of the ContextSource.

Throws:

NamingException - if anything goes wrong. This will cause the DirContext creation to be aborted and the exception to be translated and rethrown.

processContextAfterCreation

DirContext processContextAfterCreation(DirContext ctx,
                                       String userDn,
                                       String password)
                                throws NamingException

This method is responsible for post-processing the DirContext instance after it has been created. It will be called immediately after the instance has been created. Some authentication mechanisms, e.g. TLS, require particular stuff to happen before the actual target Context is closed. This method provides the possibility to replace or wrap the actual DirContext with a proxy so that any calls on it may be intercepted.

Parameters:

ctx - the freshly created DirContext instance. The actual implementation class (e.g. InitialLdapContext) depends on the ContextSource implementation.

userDn - the user DN to authenticate, as received from the AuthenticationSource of the ContextSource.

password - the password to authenticate with, as received from the AuthenticationSource of the ContextSource.

Returns:

the DirContext, possibly modified, replaced or wrapped.

Throws:

NamingException - if anything goes wrong. This will cause the DirContext creation to be aborted and the exception to be translated and rethrown.