public abstract class AbstractContextSource extends Object implements BaseLdapPathContextSource, InitializingBean
ContextSource interface. By default, returns an authenticated DirContext implementation for both read-only and read-write operations. To have an anonymous environment created for read-only operations, set the anonymousReadOnly property to true.

Implementing classes need to implement getDirContextInstance(Hashtable) to create a DirContext instance of the desired type.

If an AuthenticationSource is set, this will be used for getting user principal and password for each new connection, otherwise a default one will be created using the specified userDn and password.

Note: When using implementations of this class outside of a Spring Context it is necessary to call afterPropertiesSet() when all properties are set, in order to finish up initialization.

LdapTemplate, DefaultDirObjectFactory, LdapContextSource, DirContextSource

| Modifier and Type | Field and Description |
|---|---|
| protected String | password: Deprecated. use getPassword() and setPassword(String) instead |
| static String | SUN_LDAP_POOLING_FLAG |
| protected String | userDn: Deprecated. use getUserDn() and setUserDn(String) instead |

| Constructor and Description |
|---|
| AbstractContextSource() |

| Modifier and Type | Method and Description |
|---|---|
| void | afterPropertiesSet(): Checks that all necessary data is set and that there are no compatibility issues, after which the instance is initialized. |
| String | assembleProviderUrlString(String[] ldapUrls): Assemble a valid url String from all registered urls to add as PROVIDER_URL to the environment. |
| protected DirContext | createContext(Hashtable<String,Object> environment): Create a DirContext using the supplied environment. |
| protected Hashtable<String,Object> | getAnonymousEnv() |
| protected Hashtable<String,Object> | getAuthenticatedEnv(String principal, String credentials) |
| AuthenticationSource | getAuthenticationSource(): Get the authentication source. |
| LdapName | getBaseLdapName(): Get the base LDAP path as a LdapName. |
| DistinguishedName | getBaseLdapPath(): Deprecated. DistinguishedName and associated classes and methods are deprecated as of 2.0. |
| String | getBaseLdapPathAsString(): Get the base LDAP path as a String. |
| DirContext | getContext(String principal, String credentials): Gets a DirContext instance authenticated using the supplied principal and credentials. |
| Class<?> | getContextFactory(): Get the context factory. |
| protected abstract DirContext | getDirContextInstance(Hashtable<String,Object> environment): Implement in subclass to create a DirContext of the desired type (e.g. |
| Class<?> | getDirObjectFactory(): Get the DirObjectFactory to use. |
| String | getPassword(): Gets the password (credentials) to use for getting authenticated contexts. |
| DirContext | getReadOnlyContext(): Gets a read-only DirContext. |
| DirContext | getReadWriteContext(): Gets a read-write DirContext instance. |
| String[] | getUrls(): Get the urls of the LDAP servers. |
| String | getUserDn(): Gets the user distinguished name (principal) to use for getting authenticated contexts. |
| boolean | isAnonymousReadOnly(): Get whether an anonymous environment should be used for read-only operations. |
| boolean | isPooled(): Get whether the pooling flag should be set. |
| void | setAnonymousReadOnly(boolean anonymousReadOnly): Set whether an anonymous environment should be used for read-only operations. |
| void | setAuthenticationSource(AuthenticationSource authenticationSource): Set the authentication source to use when retrieving user principal and credentials. |
| void | setAuthenticationStrategy(DirContextAuthenticationStrategy authenticationStrategy): Set the DirContextAuthenticationStrategy to use for preparing the environment and processing the created DirContext instances. |
| void | setBase(String base): Set the base suffix from which all operations should originate. |
| void | setBaseEnvironmentProperties(Map<String,Object> baseEnvironmentProperties): If any custom environment properties are needed, these can be set using this method. |
| void | setCacheEnvironmentProperties(boolean cacheEnvironmentProperties): Set whether environment properties should be cached between requests for anonymous environment. |
| void | setContextFactory(Class<?> contextFactory): Set the context factory. |
| void | setDirObjectFactory(Class<?> dirObjectFactory): Set the DirObjectFactory to use. |
| void | setPassword(String password): Set the password (credentials) to use for getting authenticated contexts. |
| void | setPooled(boolean pooled): Set whether the pooling flag should be set, enabling the built-in LDAP connection pooling. |
| void | setReferral(String referral): Set the method to handle referrals. |
| protected void | setupAuthenticatedEnvironment(Hashtable<String,Object> env, String principal, String credentials): Default implementation of setting the environment up to be authenticated. |
| void | setUrl(String url): Set the url of the LDAP server. |
| void | setUrls(String[] urls): Set the urls of the LDAP servers. |
| void | setUserDn(String userDn): Set the user distinguished name (principal) to use for getting authenticated contexts. |

@Deprecated protected String userDn
getUserDn() and setUserDn(String) instead

@Deprecated protected String password
getPassword() and setPassword(String) instead

public static final String SUN_LDAP_POOLING_FLAG

public DirContext getContext(String principal, String credentials)
ContextSource
DirContext instance authenticated using the supplied principal and credentials. Typically to be used for plain authentication purposes. Note that this method will never make use of native Java LDAP pooling, even though this instance is configured to do so. This is to force password changes in the target directory to take effect as soon as possible.
getContext in interface ContextSource
principal - The principal (typically a distinguished name of a user in the LDAP tree) to use for authentication.
credentials - The credentials to use for authentication.
DirContext instance, never null.

public DirContext getReadOnlyContext()
ContextSource
DirContext. The returned DirContext must be possible to perform read-only operations on.
getReadOnlyContext in interface ContextSource

public DirContext getReadWriteContext()
ContextSource
DirContext instance.
getReadWriteContext in interface ContextSource
DirContext instance, never null.

protected void setupAuthenticatedEnvironment(Hashtable<String,Object> env, String principal, String credentials)
DirContextAuthenticationStrategy on this instance.
env - the environment to modify.
principal - the principal to authenticate with.
credentials - the credentials to authenticate with.
DirContextAuthenticationStrategy, setAuthenticationStrategy(DirContextAuthenticationStrategy)

public String assembleProviderUrlString(String[] ldapUrls)
PROVIDER_URL to the environment.
ldapUrls - all individual url Strings.

public void setBase(String base)
base - the base suffix.

public DistinguishedName getBaseLdapPath()
DistinguishedName and associated classes and methods are deprecated as of 2.0.
BaseLdapPathSource
DistinguishedName.
getBaseLdapPath in interface BaseLdapPathSource
DistinguishedName. The path will be empty if no base path is specified.

public LdapName getBaseLdapName()
BaseLdapPathSource
LdapName.
getBaseLdapName in interface BaseLdapPathSource
LdapName. The path will be empty if no base path is specified.

public String getBaseLdapPathAsString()
BaseLdapPathSource
getBaseLdapPathAsString in interface BaseLdapPathSource

protected DirContext createContext(Hashtable<String,Object> environment)
environment - the LDAP environment to use when creating the DirContext.

public void setContextFactory(Class<?> contextFactory)
contextFactory - the context factory used when creating Contexts.

public Class<?> getContextFactory()

public void setDirObjectFactory(Class<?> dirObjectFactory)
DefaultDirObjectFactory. The specified class needs to be an implementation of javax.naming.spi.DirObjectFactory. Note: Setting this value to null may cause connection leaks when using ContextMapper methods in LdapTemplate.
dirObjectFactory - the DirObjectFactory to be used. Null means that no DirObjectFactory will be used.

public Class<?> getDirObjectFactory()
null means that no DirObjectFactory will be used.

public void afterPropertiesSet()
afterPropertiesSet in interface InitializingBean

public void setPassword(String password)
password - the password.

public String getPassword()

public void setUserDn(String userDn)
userDn - the user distinguished name.

public String getUserDn()

public void setUrls(String[] urls)
urls - the urls of all servers.

public String[] getUrls()

public void setUrl(String url)
url - the url of the LDAP server.

public void setPooled(boolean pooled)
false. The built-in LDAP connection pooling suffers from a number of deficiencies, e.g. no connection validation. Also, enabling this flag when using TLS connections will explicitly not work. Consider using the Spring LDAP PoolingContextSource as an alternative instead of enabling this flag.
Note that since LDAP pooling is system wide, full configuration of this needs to be done using system parameters as specified in the LDAP/JNDI documentation. Also note that pooling is done on a user dn basis, i.e. each individually authenticated connection will be pooled separately. This means that LDAP pooling will be most efficient using anonymous connections or connections authenticated using one single system user.
pooled - whether Contexts should be pooled.

public boolean isPooled()

public void setBaseEnvironmentProperties(Map<String,Object> baseEnvironmentProperties)
baseEnvironmentProperties - the base environment properties that should always be used when creating new Context instances.

protected Hashtable<String,Object> getAuthenticatedEnv(String principal, String credentials)

public void setAuthenticationSource(AuthenticationSource authenticationSource)
authenticationSource - the AuthenticationSource that will provide user info.

public AuthenticationSource getAuthenticationSource()
AuthenticationSource that will provide user info.

public void setCacheEnvironmentProperties(boolean cacheEnvironmentProperties)
true; setting this property to false causes the environment Hashmap to be rebuilt from the current property settings of this instance between each request for an anonymous environment.
cacheEnvironmentProperties - true causes the anonymous environment properties to be cached, false causes the Hashmap to be rebuilt for each request.

public void setAnonymousReadOnly(boolean anonymousReadOnly)
false.
anonymousReadOnly - true if an anonymous environment should be used for read-only operations, false otherwise.

public boolean isAnonymousReadOnly()
true if an anonymous environment should be used for read-only operations, false otherwise.

public void setAuthenticationStrategy(DirContextAuthenticationStrategy authenticationStrategy)
DirContextAuthenticationStrategy to use for preparing the environment and processing the created DirContext instances.
authenticationStrategy - the DirContextAuthenticationStrategy to use; default is SimpleDirContextAuthenticationStrategy.

public void setReferral(String referral)
referral - the value to set the system property Context.REFERRAL to, customizing the way that referrals are handled.

protected abstract DirContext getDirContextInstance(Hashtable<String,Object> environment) throws NamingException
environment - the environment to use when creating the instance.
NamingException - if one is encountered when creating the instance.
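
The notes above on calling afterPropertiesSet() outside a Spring context, leaving the pooling flag off, and using getContext(principal, credentials) for plain authentication, combined into one example. This is added here and is not Spring LDAP's own code; the host, DNs, timeout values, class and method names, and the empty-password guard are assumptions of the example.

```java
import java.util.HashMap;
import java.util.Map;
import javax.naming.directory.DirContext;
import org.springframework.ldap.AuthenticationException;
import org.springframework.ldap.core.support.LdapContextSource;
import org.springframework.ldap.support.LdapUtils;

public class LdapBindExample {

    // Built outside a Spring context, so afterPropertiesSet() is called by hand.
    static LdapContextSource buildContextSource(String servicePassword) {
        if (servicePassword == null || servicePassword.isEmpty()) {
            // Fail fast instead of configuring a bind with a blank password.
            throw new IllegalStateException("service account password is not set");
        }
        LdapContextSource cs = new LdapContextSource();
        cs.setUrl("ldaps://ldap.example.org:636");                // placeholder host
        cs.setBase("dc=example,dc=org");                          // placeholder base
        cs.setUserDn("cn=svc-app,ou=services,dc=example,dc=org"); // placeholder account
        cs.setPassword(servicePassword);
        cs.setAnonymousReadOnly(false); // default: read-only contexts are authenticated too
        cs.setPooled(false);            // default: built-in pooling has no connection validation
        Map<String, Object> env = new HashMap<>();
        env.put("com.sun.jndi.ldap.connect.timeout", "5000");    // JNDI provider setting, ms
        env.put("com.sun.jndi.ldap.read.timeout", "5000");       // example value
        cs.setBaseEnvironmentProperties(env);
        cs.afterPropertiesSet();        // finishes initialization
        return cs;
    }

    // True only if the directory accepts a bind as userDn with a non-empty password.
    static boolean bindSucceeds(LdapContextSource cs, String userDn, String password) {
        // A simple bind with a DN and an empty password is an unauthenticated bind
        // (RFC 4513, section 5.1.2) that some servers accept, so reject it before binding.
        if (userDn == null || userDn.isEmpty() || password == null || password.isEmpty()) {
            return false;
        }
        DirContext ctx = null;
        try {
            ctx = cs.getContext(userDn, password); // not pooled, per the getContext description
            return true;
        } catch (AuthenticationException e) {
            return false;                          // bad credentials; other failures propagate
        } finally {
            LdapUtils.closeContext(ctx);           // always release the connection
        }
    }
}
```

Catching only AuthenticationException keeps a directory outage from being reported as a wrong password; connection errors surface to the caller instead.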