Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.springframework.security.config.annotation.authentication.configurers.ldap
Class LdapAuthenticationProviderConfigurer<B extends ProviderManagerBuilder<B>>

java.lang.Object
  extended by org.springframework.security.config.annotation.SecurityConfigurerAdapter<AuthenticationManager,B>
      extended by org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer<B>
Type Parameters:
B - the ProviderManagerBuilder type that this is configuring.
All Implemented Interfaces:
SecurityConfigurer<AuthenticationManager,B>
public class LdapAuthenticationProviderConfigurer<B extends ProviderManagerBuilder<B>>
extends SecurityConfigurerAdapter<AuthenticationManager,B>

Configures LDAP AuthenticationProvider in the ProviderManagerBuilder.

Since:
3.2

Nested Class Summary
 class LdapAuthenticationProviderConfigurer.ContextSourceBuilder
          Allows building a BaseLdapPathContextSource and optionally creating an embedded LDAP instance.
 class LdapAuthenticationProviderConfigurer.PasswordCompareConfigurer
          Sets up Password based comparison
 
Constructor Summary
LdapAuthenticationProviderConfigurer()
           
 
Method Summary
 void configure(B builder)
          Configure the SecurityBuilder by setting the necessary properties on the SecurityBuilder.
 LdapAuthenticationProviderConfigurer.ContextSourceBuilder contextSource()
          Allows easily configuring of a BaseLdapPathContextSource with defaults pointing to an embedded LDAP server that is created.
 LdapAuthenticationProviderConfigurer<B> contextSource(BaseLdapPathContextSource contextSource)
          Specifies the BaseLdapPathContextSource to be used.
 LdapAuthenticationProviderConfigurer<B> groupRoleAttribute(String groupRoleAttribute)
          Specifies the attribute name which contains the role name.
 LdapAuthenticationProviderConfigurer<B> groupSearchBase(String groupSearchBase)
          The search base for group membership searches.
 LdapAuthenticationProviderConfigurer<B> groupSearchFilter(String groupSearchFilter)
          The LDAP filter to search for groups.
 LdapAuthenticationProviderConfigurer.PasswordCompareConfigurer passwordCompare()
           
 LdapAuthenticationProviderConfigurer<B> passwordEncoder(PasswordEncoder passwordEncoder)
          Specifies the PasswordEncoder to be used when authenticating with password comparison.
 LdapAuthenticationProviderConfigurer<B> rolePrefix(String rolePrefix)
          A non-empty string prefix that will be added as a prefix to the existing roles.
 LdapAuthenticationProviderConfigurer<B> userDetailsContextMapper(UserDetailsContextMapper userDetailsContextMapper)
          Allows explicit customization of the loaded user object by specifying a UserDetailsContextMapper bean which will be called with the context information from the user's directory entry.
 LdapAuthenticationProviderConfigurer<B> userDnPatterns(String... userDnPatterns)
          If your users are at a fixed location in the directory (i.e.
 LdapAuthenticationProviderConfigurer<B> userSearchBase(String userSearchBase)
          Search base for user searches.
 LdapAuthenticationProviderConfigurer<B> userSearchFilter(String userSearchFilter)
          The LDAP filter used to search for users (optional).
 LdapAuthenticationProviderConfigurer<B> withObjectPostProcessor(ObjectPostProcessor<?> objectPostProcessor)
          Adds an ObjectPostProcessor for this class.
 
Methods inherited from class org.springframework.security.config.annotation.SecurityConfigurerAdapter
addObjectPostProcessor, and, getBuilder, init, postProcess, setBuilder
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

LdapAuthenticationProviderConfigurer

public LdapAuthenticationProviderConfigurer()
Method Detail

withObjectPostProcessor

public LdapAuthenticationProviderConfigurer<B> withObjectPostProcessor(ObjectPostProcessor<?> objectPostProcessor)
Adds an ObjectPostProcessor for this class.

Parameters:
objectPostProcessor -
Returns:
the ChannelSecurityConfigurer for further customizations

contextSource

public LdapAuthenticationProviderConfigurer<B> contextSource(BaseLdapPathContextSource contextSource)
Specifies the BaseLdapPathContextSource to be used. If not specified, an embedded LDAP server will be created using contextSource().

Parameters:
contextSource - the BaseLdapPathContextSource to use
Returns:
the LdapAuthenticationProviderConfigurer for further customizations
See Also:
contextSource()

contextSource

public LdapAuthenticationProviderConfigurer.ContextSourceBuilder contextSource()
Allows easily configuring of a BaseLdapPathContextSource with defaults pointing to an embedded LDAP server that is created.

Returns:
the LdapAuthenticationProviderConfigurer.ContextSourceBuilder for further customizations

passwordEncoder

public LdapAuthenticationProviderConfigurer<B> passwordEncoder(PasswordEncoder passwordEncoder)
Specifies the PasswordEncoder to be used when authenticating with password comparison.

Parameters:
passwordEncoder - the PasswordEncoder to use
Returns:
the LdapAuthenticationProviderConfigurer for further customization

userDnPatterns

public LdapAuthenticationProviderConfigurer<B> userDnPatterns(String... userDnPatterns)
If your users are at a fixed location in the directory (i.e. you can work out the DN directly from the username without doing a directory search), you can use this attribute to map directly to the DN. It maps directly to the userDnPatterns property of AbstractLdapAuthenticator. The value is a specific pattern used to build the user's DN, for example "uid={0},ou=people". The key "{0}" must be present and will be substituted with the username.

Parameters:
userDnPatterns - the LDAP patterns for finding the usernames
Returns:
the LdapAuthenticationProviderConfigurer for further customizations

userDetailsContextMapper

public LdapAuthenticationProviderConfigurer<B> userDetailsContextMapper(UserDetailsContextMapper userDetailsContextMapper)
Allows explicit customization of the loaded user object by specifying a UserDetailsContextMapper bean which will be called with the context information from the user's directory entry.

Parameters:
userDetailsContextMapper - the UserDetailsContextMapper to use
Returns:
the LdapAuthenticationProviderConfigurer for further customizations
See Also:
PersonContextMapper, InetOrgPersonContextMapper, LdapUserDetailsMapper

groupRoleAttribute

public LdapAuthenticationProviderConfigurer<B> groupRoleAttribute(String groupRoleAttribute)
Specifies the attribute name which contains the role name. Default is "cn".

Parameters:
groupRoleAttribute - the attribute name that maps a group to a role.
Returns:

groupSearchBase

public LdapAuthenticationProviderConfigurer<B> groupSearchBase(String groupSearchBase)
The search base for group membership searches. Defaults to "".

Parameters:
groupSearchBase -
Returns:
the LdapAuthenticationProviderConfigurer for further customizations

groupSearchFilter

public LdapAuthenticationProviderConfigurer<B> groupSearchFilter(String groupSearchFilter)
The LDAP filter to search for groups. Defaults to "(uniqueMember={0})". The substituted parameter is the DN of the user.

Parameters:
groupSearchFilter - the LDAP filter to search for groups
Returns:
the LdapAuthenticationProviderConfigurer for further customizations

rolePrefix

public LdapAuthenticationProviderConfigurer<B> rolePrefix(String rolePrefix)
A non-empty string prefix that will be added as a prefix to the existing roles. The default is "ROLE_".

Parameters:
rolePrefix - the prefix to be added to the roles that are loaded.
Returns:
the LdapAuthenticationProviderConfigurer for further customizations
See Also:
SimpleAuthorityMapper.setPrefix(String)

userSearchBase

public LdapAuthenticationProviderConfigurer<B> userSearchBase(String userSearchBase)
Search base for user searches. Defaults to "". Only used with userSearchFilter(String).

Parameters:
userSearchBase - search base for user searches
Returns:
the LdapAuthenticationProviderConfigurer for further customizations

userSearchFilter

public LdapAuthenticationProviderConfigurer<B> userSearchFilter(String userSearchFilter)
The LDAP filter used to search for users (optional). For example "(uid={0})". The substituted parameter is the user's login name.

Parameters:
userSearchFilter - the LDAP filter used to search for users
Returns:
the LdapAuthenticationProviderConfigurer for further customizations

configure

public void configure(B builder)
               throws Exception
Description copied from interface: SecurityConfigurer
Configure the SecurityBuilder by setting the necessary properties on the SecurityBuilder.

Specified by:
configure in interface SecurityConfigurer<AuthenticationManager,B extends ProviderManagerBuilder<B>>
Overrides:
configure in class SecurityConfigurerAdapter<AuthenticationManager,B extends ProviderManagerBuilder<B>>
Throws:
Exception

passwordCompare

public LdapAuthenticationProviderConfigurer.PasswordCompareConfigurer passwordCompare()
Returns:
Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD