and password.
Note: When using implementations of this class outside of a Spring
Context it is necessary to call afterPropertiesSet() when all
properties are set, in order to finish up initialization.
- Author:
- Mattias Hellborg Arthursson, Adam Skogman, Ulrik Sandberg
- See Also:
- LdapTemplate, DefaultDirObjectFactory, LdapContextSource, DirContextSource
Method Summary |
void | afterPropertiesSet() | Checks that all necessary data is set and that there are no compatibility issues, after which the instance is initialized. |
String | assembleProviderUrlString(String[] ldapUrls) | Assemble a valid url String from all registered urls to add as PROVIDER_URL to the environment. |
protected DirContext | createContext(Hashtable<String,Object> environment) | Create a DirContext using the supplied environment. |
protected Hashtable<String,Object> | getAnonymousEnv() | |
protected Hashtable<String,Object> | getAuthenticatedEnv(String principal, String credentials) | |
AuthenticationSource | getAuthenticationSource() | Get the authentication source. |
LdapName | getBaseLdapName() | Get the base LDAP path as a LdapName. |
DistinguishedName | getBaseLdapPath() | Deprecated. DistinguishedName and associated classes and methods are deprecated as of 2.0. |
String | getBaseLdapPathAsString() | Get the base LDAP path as a String. |
DirContext | getContext(String principal, String credentials) | Gets a DirContext instance authenticated using the supplied principal and credentials. |
Class<?> | getContextFactory() | Get the context factory. |
protected abstract DirContext | getDirContextInstance(Hashtable<String,Object> environment) | Implement in subclass to create a DirContext of the desired type (e.g. |
Class<?> | getDirObjectFactory() | Get the DirObjectFactory to use. |
String | getPassword() | Gets the password (credentials) to use for getting authenticated contexts. |
DirContext | getReadOnlyContext() | Gets a read-only DirContext. |
DirContext | getReadWriteContext() | Gets a read-write DirContext instance. |
String[] | getUrls() | Get the urls of the LDAP servers. |
protected String | getUserDn() | Gets the user distinguished name (principal) to use for getting authenticated contexts. |
boolean | isAnonymousReadOnly() | Get whether an anonymous environment should be used for read-only operations. |
boolean | isPooled() | Get whether the pooling flag should be set. |
void | setAnonymousReadOnly(boolean anonymousReadOnly) | Set whether an anonymous environment should be used for read-only operations. |
void | setAuthenticationSource(AuthenticationSource authenticationSource) | Set the authentication source to use when retrieving user principal and credentials. |
void | setAuthenticationStrategy(DirContextAuthenticationStrategy authenticationStrategy) | Set the DirContextAuthenticationStrategy to use for preparing the environment and processing the created DirContext instances. |
void | setBase(String base) | Set the base suffix from which all operations should originate. |
void | setBaseEnvironmentProperties(Map<String,Object> baseEnvironmentProperties) | If any custom environment properties are needed, these can be set using this method. |
void | setCacheEnvironmentProperties(boolean cacheEnvironmentProperties) | Set whether environment properties should be cached between requests for anonymous environment. |
void | setContextFactory(Class<?> contextFactory) | Set the context factory. |
void | setDirObjectFactory(Class<?> dirObjectFactory) | Set the DirObjectFactory to use. |
void | setPassword(String password) | Set the password (credentials) to use for getting authenticated contexts. |
void | setPooled(boolean pooled) | Set whether the pooling flag should be set, enabling the built-in LDAP connection pooling. |
void | setReferral(String referral) | Set the method to handle referrals. |
protected void | setupAuthenticatedEnvironment(Hashtable<String,Object> env, String principal, String credentials) | Default implementation of setting the environment up to be authenticated. |
void | setUrl(String url) | Set the url of the LDAP server. |
void | setUrls(String[] urls) | Set the urls of the LDAP servers. |
void | setUserDn(String userDn) | Set the user distinguished name (principal) to use for getting authenticated contexts. |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
userDn
@Deprecated
protected String userDn
- Deprecated. use getUserDn() and setUserDn(String) instead
password
@Deprecated
protected String password
- Deprecated. use getPassword() and setPassword(String) instead
SUN_LDAP_POOLING_FLAG
public static final String SUN_LDAP_POOLING_FLAG
- See Also:
- Constant Field Values
AbstractContextSource
public AbstractContextSource()
getContext
public DirContext getContext(String principal,
String credentials)
- Description copied from interface: ContextSource
- Gets a DirContext instance authenticated using the supplied
principal and credentials. Typically to be used for plain authentication
purposes. Note that this method will never make use
of native Java LDAP pooling, even if this instance is configured to do so.
This is to force password changes in the target directory to take effect
as soon as possible.
- Specified by: getContext in interface ContextSource
- Parameters:
principal - The principal (typically a distinguished name of a user
in the LDAP tree) to use for authentication.
credentials - The credentials to use for authentication.
- Returns:
- an authenticated DirContext instance, never null.
getReadOnlyContext
public DirContext getReadOnlyContext()
- Description copied from interface: ContextSource
- Gets a read-only DirContext. It must be possible to perform read-only
operations on the returned DirContext.
- Specified by: getReadOnlyContext in interface ContextSource
- Returns:
- A DirContext instance, never null.
getReadWriteContext
public DirContext getReadWriteContext()
- Description copied from interface: ContextSource
- Gets a read-write DirContext instance.
- Specified by: getReadWriteContext in interface ContextSource
- Returns:
- A DirContext instance, never null.
setupAuthenticatedEnvironment
protected void setupAuthenticatedEnvironment(Hashtable<String,Object> env,
String principal,
String credentials)
- Default implementation of setting the environment up to be authenticated.
This method should typically NOT be overridden; any customization to the
authentication mechanism should be managed by setting a different
DirContextAuthenticationStrategy on this instance.
- Parameters:
env - the environment to modify.
principal - the principal to authenticate with.
credentials - the credentials to authenticate with.
- See Also:
- DirContextAuthenticationStrategy, setAuthenticationStrategy(DirContextAuthenticationStrategy)
assembleProviderUrlString
public String assembleProviderUrlString(String[] ldapUrls)
- Assemble a valid url String from all registered urls to add as
PROVIDER_URL to the environment.
- Parameters:
ldapUrls - all individual url Strings.
- Returns:
- the full url String
setBase
public void setBase(String base)
- Set the base suffix from which all operations should originate. If a base
suffix is set, you will not have to (and, indeed, must not) specify the
full distinguished names in any operations performed.
- Parameters:
base - the base suffix.
getBaseLdapPath
public DistinguishedName getBaseLdapPath()
- Deprecated. DistinguishedName and associated classes and methods are deprecated as of 2.0.
- Description copied from interface: BaseLdapPathSource
- Get the base LDAP path as a DistinguishedName.
- Specified by: getBaseLdapPath in interface BaseLdapPathSource
- Returns:
- the base LDAP path as a DistinguishedName. The path will
be empty if no base path is specified.
getBaseLdapName
public LdapName getBaseLdapName()
- Description copied from interface: BaseLdapPathSource
- Get the base LDAP path as a LdapName.
- Specified by: getBaseLdapName in interface BaseLdapPathSource
- Returns:
- the base LDAP path as a LdapName. The path will
be empty if no base path is specified.
getBaseLdapPathAsString
public String getBaseLdapPathAsString()
- Description copied from interface: BaseLdapPathSource
- Get the base LDAP path as a String.
- Specified by: getBaseLdapPathAsString in interface BaseLdapPathSource
- Returns:
- the base LDAP path as a String. An empty String will be returned if no
base path is specified.
createContext
protected DirContext createContext(Hashtable<String,Object> environment)
- Create a DirContext using the supplied environment.
- Parameters:
environment - the LDAP environment to use when creating the DirContext.
- Returns:
- a new DirContext implementation initialized with the supplied
environment.
setContextFactory
public void setContextFactory(Class<?> contextFactory)
- Set the context factory. Default is com.sun.jndi.ldap.LdapCtxFactory.
- Parameters:
contextFactory - the context factory used when creating Contexts.
getContextFactory
public Class<?> getContextFactory()
- Get the context factory.
- Returns:
- the context factory used when creating Contexts.
setDirObjectFactory
public void setDirObjectFactory(Class<?> dirObjectFactory)
- Set the DirObjectFactory to use. Default is DefaultDirObjectFactory.
The specified class needs to be an
implementation of javax.naming.spi.DirObjectFactory. Note: Setting
this value to null may cause connection leaks when using
ContextMapper methods in LdapTemplate.
- Parameters:
dirObjectFactory - the DirObjectFactory to be used. Null means that
no DirObjectFactory will be used.
getDirObjectFactory
public Class<?> getDirObjectFactory()
- Get the DirObjectFactory to use.
- Returns:
- the DirObjectFactory to be used. null means that no
DirObjectFactory will be used.
afterPropertiesSet
public void afterPropertiesSet()
- Checks that all necessary data is set and that there are no compatibility
issues, after which the instance is initialized. Note that you need to
call this method explicitly after setting all desired properties if using
the class outside of a Spring Context.
- Specified by: afterPropertiesSet in interface InitializingBean
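Added example (not part of the Spring LDAP documentation or code base): a concrete subclass, LdapContextSource, used outside of a Spring Context to check a user's credentials with getContext(principal, credentials), which requires the explicit afterPropertiesSet() call described above. The host name, the sample DN, the environment variable LDAP_TEST_PASSWORD and the names BindCheck, newContextSource and authenticate are assumptions made for illustration.

```java
import javax.naming.directory.DirContext;

import org.springframework.ldap.AuthenticationException;
import org.springframework.ldap.core.support.LdapContextSource;
import org.springframework.ldap.support.LdapUtils;

public class BindCheck {

    // Built by hand (no Spring Context), so afterPropertiesSet() is called explicitly.
    static LdapContextSource newContextSource() {
        LdapContextSource cs = new LdapContextSource();
        cs.setUrl("ldaps://ldap.example.org:636"); // assumed host, LDAP over TLS
        cs.setPooled(false);      // the default; built-in pooling has no connection validation
        cs.setReferral("ignore"); // the default; referrals are not followed automatically
        cs.afterPropertiesSet();  // validates the properties and finishes initialization
        return cs;
    }

    // Returns true only if the directory accepted a bind as userDn with this password.
    static boolean authenticate(LdapContextSource cs, String userDn, String password) {
        // A simple bind with an empty password is an "unauthenticated bind"
        // (RFC 4513, section 5.1.2) that many servers accept, so reject it up front.
        if (userDn == null || userDn.isEmpty() || password == null || password.isEmpty()) {
            return false;
        }
        DirContext ctx = null;
        try {
            // getContext never uses native pooling, so a changed password
            // in the directory takes effect on the next call.
            ctx = cs.getContext(userDn, password);
            return true;
        } catch (AuthenticationException e) {
            return false; // the directory rejected the credentials
        } finally {
            // Other exceptions (e.g. server unreachable) propagate to the caller,
            // so an outage is not reported as a wrong password.
            LdapUtils.closeContext(ctx); // null-safe close
        }
    }

    public static void main(String[] args) {
        LdapContextSource cs = newContextSource();
        String dn = "uid=jdoe,ou=people,dc=example,dc=org"; // constructed sample DN
        System.out.println(authenticate(cs, dn, System.getenv("LDAP_TEST_PASSWORD")));
    }
}
```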
setPassword
public void setPassword(String password)
- Set the password (credentials) to use for getting authenticated contexts.
- Parameters:
password - the password.
getPassword
public String getPassword()
- Gets the password (credentials) to use for getting authenticated contexts.
- Returns:
- the password
setUserDn
public void setUserDn(String userDn)
- Set the user distinguished name (principal) to use for getting
authenticated contexts.
- Parameters:
userDn - the user distinguished name.
getUserDn
protected String getUserDn()
- Gets the user distinguished name (principal) to use for getting
authenticated contexts.
- Returns:
- the user distinguished name.
setUrls
public void setUrls(String[] urls)
- Set the urls of the LDAP servers. Use this method if several servers are
required.
- Parameters:
urls - the urls of all servers.
getUrls
public String[] getUrls()
- Get the urls of the LDAP servers.
- Returns:
- the urls of all servers.
setUrl
public void setUrl(String url)
- Set the url of the LDAP server. Utility method if only one server is
used.
- Parameters:
url - the url of the LDAP server.
setPooled
public void setPooled(boolean pooled)
- Set whether the pooling flag should be set, enabling the built-in LDAP
connection pooling. Default is false. The built-in LDAP
connection pooling suffers from a number of deficiencies, e.g. no
connection validation. Also, enabling this flag when using TLS
connections will explicitly not work. Consider using the Spring LDAP
PoolingContextSource as an alternative instead of enabling
this flag.
Note that since LDAP pooling is system wide, full configuration of this
needs to be done using system parameters as specified in the LDAP/JNDI
documentation. Also note that pooling is done on a per-user-DN basis, i.e.
each individually authenticated connection will be pooled separately.
This means that LDAP pooling will be most efficient using anonymous
connections or connections authenticated using one single system user.
- Parameters:
pooled - whether Contexts should be pooled.
isPooled
public boolean isPooled()
- Get whether the pooling flag should be set.
- Returns:
- whether Contexts should be pooled.
setBaseEnvironmentProperties
public void setBaseEnvironmentProperties(Map<String,Object> baseEnvironmentProperties)
- If any custom environment properties are needed, these can be set using
this method.
- Parameters:
baseEnvironmentProperties - the base environment properties that should always be used when
creating new Context instances.
getAnonymousEnv
protected Hashtable<String,Object> getAnonymousEnv()
getAuthenticatedEnv
protected Hashtable<String,Object> getAuthenticatedEnv(String principal,
String credentials)
setAuthenticationSource
public void setAuthenticationSource(AuthenticationSource authenticationSource)
- Set the authentication source to use when retrieving user principal and
credentials.
- Parameters:
authenticationSource - the AuthenticationSource that will
provide user info.
getAuthenticationSource
public AuthenticationSource getAuthenticationSource()
- Get the authentication source.
- Returns:
- the AuthenticationSource that will provide user info.
setCacheEnvironmentProperties
public void setCacheEnvironmentProperties(boolean cacheEnvironmentProperties)
- Set whether environment properties should be cached between requests for
anonymous environment. Default is true; setting this
property to false causes the environment Hashmap to be
rebuilt from the current property settings of this instance between each
request for an anonymous environment.
- Parameters:
cacheEnvironmentProperties - true causes the
anonymous environment properties to be cached, false
causes the Hashmap to be rebuilt for each request.
setAnonymousReadOnly
public void setAnonymousReadOnly(boolean anonymousReadOnly)
- Set whether an anonymous environment should be used for read-only
operations. Default is false.
- Parameters:
anonymousReadOnly - true if an anonymous environment
should be used for read-only operations, false otherwise.
isAnonymousReadOnly
public boolean isAnonymousReadOnly()
- Get whether an anonymous environment should be used for read-only
operations.
- Returns:
- true if an anonymous environment should be used for
read-only operations, false otherwise.
setAuthenticationStrategy
public void setAuthenticationStrategy(DirContextAuthenticationStrategy authenticationStrategy)
- Set the DirContextAuthenticationStrategy to use for preparing the
environment and processing the created DirContext instances.
- Parameters:
authenticationStrategy - the DirContextAuthenticationStrategy
to use; default is SimpleDirContextAuthenticationStrategy.
setReferral
public void setReferral(String referral)
- Set the method to handle referrals. Default is 'ignore'; setting this
flag to 'follow' will enable referrals to be automatically followed. Note
that this might require particular name server setup in order to work
(the referred URLs will need to be automatically found using standard DNS
resolution).
- Parameters:
referral - the value to set the system property Context.REFERRAL
to, customizing the way that referrals are handled.
getDirContextInstance
protected abstract DirContext getDirContextInstance(Hashtable<String,Object> environment)
throws NamingException
- Implement in subclass to create a DirContext of the desired type (e.g.
InitialDirContext or InitialLdapContext).
- Parameters:
environment - the environment to use when creating the instance.
- Returns:
- a new DirContext instance.
- Throws:
NamingException - if one is encountered when creating the instance.