Class AbstractContextSource
- java.lang.Object
-
- org.springframework.ldap.core.support.AbstractContextSource
-
- All Implemented Interfaces:
org.springframework.beans.factory.InitializingBean
,ContextSource
,BaseLdapPathContextSource
,BaseLdapPathSource
- Direct Known Subclasses:
DirContextSource
,LdapContextSource
public abstract class AbstractContextSource extends java.lang.Object implements BaseLdapPathContextSource, org.springframework.beans.factory.InitializingBean
Abstract implementation of theContextSource
interface. By default, returns an authenticatedDirContext
implementation for both read-only and read-write operations. To have an anonymous environment created for read-only operations, set theanonymousReadOnly
property totrue
.Implementing classes need to implement
getDirContextInstance(Hashtable)
to create aDirContext
instance of the desired type.If an
AuthenticationSource
is set, this will be used for getting user principal and password for each new connection, otherwise a default one will be created using the specifieduserDn
andpassword
.Note: When using implementations of this class outside of a Spring Context it is necessary to call
afterPropertiesSet()
when all properties are set, in order to finish up initialization.
-
-
Field Summary
Fields Modifier and Type Field Description protected java.lang.String
password
Deprecated.usegetPassword()
andsetPassword(String)
insteadstatic java.lang.String
SUN_LDAP_POOLING_FLAG
protected java.lang.String
userDn
Deprecated.usegetUserDn()
andsetUserDn(String)
instead
-
Constructor Summary
Constructors Constructor Description AbstractContextSource()
-
Method Summary
All Methods Instance Methods Abstract Methods Concrete Methods Deprecated Methods Modifier and Type Method Description void
afterPropertiesSet()
Checks that all necessary data is set and that there is no compatibility issues, after which the instance is initialized.java.lang.String
assembleProviderUrlString(java.lang.String[] ldapUrls)
Assemble a valid url String from all registered urls to add asPROVIDER_URL
to the environment.protected javax.naming.directory.DirContext
createContext(java.util.Hashtable<java.lang.String,java.lang.Object> environment)
Create a DirContext using the supplied environment.protected java.util.Hashtable<java.lang.String,java.lang.Object>
getAnonymousEnv()
protected java.util.Hashtable<java.lang.String,java.lang.Object>
getAuthenticatedEnv(java.lang.String principal, java.lang.String credentials)
AuthenticationSource
getAuthenticationSource()
Get the authentication source.javax.naming.ldap.LdapName
getBaseLdapName()
Get the base LDAP path as aLdapName
.DistinguishedName
getBaseLdapPath()
Deprecated.DistinguishedName
and associated classes and methods are deprecated as of 2.0.java.lang.String
getBaseLdapPathAsString()
Get the base LDAP path as a String.javax.naming.directory.DirContext
getContext(java.lang.String principal, java.lang.String credentials)
Gets aDirContext
instance authenticated using the supplied principal and credentials.java.lang.Class<?>
getContextFactory()
Get the context factory.protected abstract javax.naming.directory.DirContext
getDirContextInstance(java.util.Hashtable<java.lang.String,java.lang.Object> environment)
Implement in subclass to create a DirContext of the desired type (e.g.java.lang.Class<?>
getDirObjectFactory()
Get the DirObjectFactory to use.java.lang.String
getPassword()
Gets the password (credentials) to use for getting authenticated contexts.javax.naming.directory.DirContext
getReadOnlyContext()
Gets a read-onlyDirContext
.javax.naming.directory.DirContext
getReadWriteContext()
Gets a read-writeDirContext
instance.java.lang.String[]
getUrls()
Get the urls of the LDAP servers.java.lang.String
getUserDn()
Gets the user distinguished name (principal) to use for getting authenticated contexts.boolean
isAnonymousReadOnly()
Get whether an anonymous environment should be used for read-only operations.boolean
isPooled()
Get whether the pooling flag should be set.void
setAnonymousReadOnly(boolean anonymousReadOnly)
Set whether an anonymous environment should be used for read-only operations.void
setAuthenticationSource(AuthenticationSource authenticationSource)
Set the authentication source to use when retrieving user principal and credentials.void
setAuthenticationStrategy(DirContextAuthenticationStrategy authenticationStrategy)
Set theDirContextAuthenticationStrategy
to use for preparing the environment and processing the createdDirContext
instances.void
setBase(java.lang.String base)
Set the base suffix from which all operations should origin.void
setBaseEnvironmentProperties(java.util.Map<java.lang.String,java.lang.Object> baseEnvironmentProperties)
If any custom environment properties are needed, these can be set using this method.void
setCacheEnvironmentProperties(boolean cacheEnvironmentProperties)
Set whether environment properties should be cached between requsts for anonymous environment.void
setContextFactory(java.lang.Class<?> contextFactory)
Set the context factory.void
setDirObjectFactory(java.lang.Class<?> dirObjectFactory)
Set the DirObjectFactory to use.void
setPassword(java.lang.String password)
Set the password (credentials) to use for getting authenticated contexts.void
setPooled(boolean pooled)
Set whether the pooling flag should be set, enabling the built-in LDAP connection pooling.void
setReferral(java.lang.String referral)
Set the method to handle referrals.protected void
setupAuthenticatedEnvironment(java.util.Hashtable<java.lang.String,java.lang.Object> env, java.lang.String principal, java.lang.String credentials)
Default implementation of setting the environment up to be authenticated.void
setUrl(java.lang.String url)
Set the url of the LDAP server.void
setUrls(java.lang.String[] urls)
Set the urls of the LDAP servers.void
setUserDn(java.lang.String userDn)
Set the user distinguished name (principal) to use for getting authenticated contexts.
-
-
-
Field Detail
-
userDn
@Deprecated protected java.lang.String userDn
Deprecated.usegetUserDn()
andsetUserDn(String)
instead
-
password
@Deprecated protected java.lang.String password
Deprecated.usegetPassword()
andsetPassword(String)
instead
-
SUN_LDAP_POOLING_FLAG
public static final java.lang.String SUN_LDAP_POOLING_FLAG
- See Also:
- Constant Field Values
-
-
Method Detail
-
getContext
public javax.naming.directory.DirContext getContext(java.lang.String principal, java.lang.String credentials)
Description copied from interface:ContextSource
Gets aDirContext
instance authenticated using the supplied principal and credentials. Typically to be used for plain authentication purposes. Note that this method will never make use of native Java LDAP pooling, even though this instance is configured to do so. This is to force password changes in the target directory to take effect as soon as possible.- Specified by:
getContext
in interfaceContextSource
- Parameters:
principal
- The principal (typically a distinguished name of a user in the LDAP tree) to use for authentication.credentials
- The credentials to use for authentication.- Returns:
- an authenticated
DirContext
instance, nevernull
.
-
getReadOnlyContext
public javax.naming.directory.DirContext getReadOnlyContext()
Description copied from interface:ContextSource
Gets a read-onlyDirContext
. The returnedDirContext
must be possible to perform read-only operations on.- Specified by:
getReadOnlyContext
in interfaceContextSource
- Returns:
- A DirContext instance, never null.
-
getReadWriteContext
public javax.naming.directory.DirContext getReadWriteContext()
Description copied from interface:ContextSource
Gets a read-writeDirContext
instance.- Specified by:
getReadWriteContext
in interfaceContextSource
- Returns:
- A
DirContext
instance, nevernull
.
-
setupAuthenticatedEnvironment
protected void setupAuthenticatedEnvironment(java.util.Hashtable<java.lang.String,java.lang.Object> env, java.lang.String principal, java.lang.String credentials)
Default implementation of setting the environment up to be authenticated. This method should typically NOT be overridden; any customization to the authentication mechanism should be managed by setting a differentDirContextAuthenticationStrategy
on this instance.- Parameters:
env
- the environment to modify.principal
- the principal to authenticate with.credentials
- the credentials to authenticate with.- See Also:
DirContextAuthenticationStrategy
,setAuthenticationStrategy(DirContextAuthenticationStrategy)
-
assembleProviderUrlString
public java.lang.String assembleProviderUrlString(java.lang.String[] ldapUrls)
Assemble a valid url String from all registered urls to add asPROVIDER_URL
to the environment.- Parameters:
ldapUrls
- all individual url Strings.- Returns:
- the full url String
-
setBase
public void setBase(java.lang.String base)
Set the base suffix from which all operations should origin. If a base suffix is set, you will not have to (and, indeed, must not) specify the full distinguished names in any operations performed.- Parameters:
base
- the base suffix.
-
getBaseLdapPath
public DistinguishedName getBaseLdapPath()
Deprecated.DistinguishedName
and associated classes and methods are deprecated as of 2.0.Description copied from interface:BaseLdapPathSource
Get the base LDAP path as aDistinguishedName
.- Specified by:
getBaseLdapPath
in interfaceBaseLdapPathSource
- Returns:
- the base LDAP path as a
DistinguishedName
. The path will be empty if no base path is specified.
-
getBaseLdapName
public javax.naming.ldap.LdapName getBaseLdapName()
Description copied from interface:BaseLdapPathSource
Get the base LDAP path as aLdapName
.- Specified by:
getBaseLdapName
in interfaceBaseLdapPathSource
- Returns:
- the base LDAP path as a
LdapName
. The path will be empty if no base path is specified.
-
getBaseLdapPathAsString
public java.lang.String getBaseLdapPathAsString()
Description copied from interface:BaseLdapPathSource
Get the base LDAP path as a String.- Specified by:
getBaseLdapPathAsString
in interfaceBaseLdapPathSource
- Returns:
- the base LDAP path as a An empty String will be returned if no base path is specified.
-
createContext
protected javax.naming.directory.DirContext createContext(java.util.Hashtable<java.lang.String,java.lang.Object> environment)
Create a DirContext using the supplied environment.- Parameters:
environment
- the LDAP environment to use when creating theDirContext
.- Returns:
- a new DirContext implementation initialized with the supplied environment.
-
setContextFactory
public void setContextFactory(java.lang.Class<?> contextFactory)
Set the context factory. Default is com.sun.jndi.ldap.LdapCtxFactory.- Parameters:
contextFactory
- the context factory used when creating Contexts.
-
getContextFactory
public java.lang.Class<?> getContextFactory()
Get the context factory.- Returns:
- the context factory used when creating Contexts.
-
setDirObjectFactory
public void setDirObjectFactory(java.lang.Class<?> dirObjectFactory)
Set the DirObjectFactory to use. Default isDefaultDirObjectFactory
. The specified class needs to be an implementation of javax.naming.spi.DirObjectFactory. Note: Setting this value to null may have cause connection leaks when using ContextMapper methods in LdapTemplate.- Parameters:
dirObjectFactory
- the DirObjectFactory to be used. Null means that no DirObjectFactory will be used.
-
getDirObjectFactory
public java.lang.Class<?> getDirObjectFactory()
Get the DirObjectFactory to use.- Returns:
- the DirObjectFactory to be used.
null
means that no DirObjectFactory will be used.
-
afterPropertiesSet
public void afterPropertiesSet()
Checks that all necessary data is set and that there is no compatibility issues, after which the instance is initialized. Note that you need to call this method explicitly after setting all desired properties if using the class outside of a Spring Context.- Specified by:
afterPropertiesSet
in interfaceorg.springframework.beans.factory.InitializingBean
-
setPassword
public void setPassword(java.lang.String password)
Set the password (credentials) to use for getting authenticated contexts.- Parameters:
password
- the password.
-
getPassword
public java.lang.String getPassword()
Gets the password (credentials) to use for getting authenticated contexts.- Returns:
- the password
-
setUserDn
public void setUserDn(java.lang.String userDn)
Set the user distinguished name (principal) to use for getting authenticated contexts.- Parameters:
userDn
- the user distinguished name.
-
getUserDn
public java.lang.String getUserDn()
Gets the user distinguished name (principal) to use for getting authenticated contexts.- Returns:
- the user distinguished name.
-
setUrls
public void setUrls(java.lang.String[] urls)
Set the urls of the LDAP servers. Use this method if several servers are required.- Parameters:
urls
- the urls of all servers.
-
getUrls
public java.lang.String[] getUrls()
Get the urls of the LDAP servers.- Returns:
- the urls of all servers.
-
setUrl
public void setUrl(java.lang.String url)
Set the url of the LDAP server. Utility method if only one server is used.- Parameters:
url
- the url of the LDAP server.
-
setPooled
public void setPooled(boolean pooled)
Set whether the pooling flag should be set, enabling the built-in LDAP connection pooling. Default isfalse
. The built-in LDAP connection pooling suffers from a number of deficiencies, e.g. no connection validation. Also, enabling this flag when using TLS connections will explicitly not work. Consider using the Spring LDAPPoolingContextSource
as an alternative instead of enabling this flag.Note that since LDAP pooling is system wide, full configuration of this needs be done using system parameters as specified in the LDAP/JNDI documentation. Also note, that pooling is done on user dn basis, i.e. each individually authenticated connection will be pooled separately. This means that LDAP pooling will be most efficient using anonymous connections or connections authenticated using one single system user.
- Parameters:
pooled
- whether Contexts should be pooled.
-
isPooled
public boolean isPooled()
Get whether the pooling flag should be set.- Returns:
- whether Contexts should be pooled.
-
setBaseEnvironmentProperties
public void setBaseEnvironmentProperties(java.util.Map<java.lang.String,java.lang.Object> baseEnvironmentProperties)
If any custom environment properties are needed, these can be set using this method.- Parameters:
baseEnvironmentProperties
- the base environment properties that should always be used when creating new Context instances.
-
getAnonymousEnv
protected java.util.Hashtable<java.lang.String,java.lang.Object> getAnonymousEnv()
-
getAuthenticatedEnv
protected java.util.Hashtable<java.lang.String,java.lang.Object> getAuthenticatedEnv(java.lang.String principal, java.lang.String credentials)
-
setAuthenticationSource
public void setAuthenticationSource(AuthenticationSource authenticationSource)
Set the authentication source to use when retrieving user principal and credentials.- Parameters:
authenticationSource
- theAuthenticationSource
that will provide user info.
-
getAuthenticationSource
public AuthenticationSource getAuthenticationSource()
Get the authentication source.- Returns:
- the
AuthenticationSource
that will provide user info.
-
setCacheEnvironmentProperties
public void setCacheEnvironmentProperties(boolean cacheEnvironmentProperties)
Set whether environment properties should be cached between requsts for anonymous environment. Default istrue
; setting this property tofalse
causes the environment Hashmap to be rebuilt from the current property settings of this instance between each request for an anonymous environment.- Parameters:
cacheEnvironmentProperties
-true
causes that the anonymous environment properties should be cached,false
causes the Hashmap to be rebuilt for each request.
-
setAnonymousReadOnly
public void setAnonymousReadOnly(boolean anonymousReadOnly)
Set whether an anonymous environment should be used for read-only operations. Default isfalse
.- Parameters:
anonymousReadOnly
-true
if an anonymous environment should be used for read-only operations,false
otherwise.
-
isAnonymousReadOnly
public boolean isAnonymousReadOnly()
Get whether an anonymous environment should be used for read-only operations.- Returns:
true
if an anonymous environment should be used for read-only operations,false
otherwise.
-
setAuthenticationStrategy
public void setAuthenticationStrategy(DirContextAuthenticationStrategy authenticationStrategy)
Set theDirContextAuthenticationStrategy
to use for preparing the environment and processing the createdDirContext
instances.- Parameters:
authenticationStrategy
- theDirContextAuthenticationStrategy
to use; default isSimpleDirContextAuthenticationStrategy
.
-
setReferral
public void setReferral(java.lang.String referral)
Set the method to handle referrals. Default is 'ignore'; setting this flag to 'follow' will enable referrals to be automatically followed. Note that this might require particular name server setup in order to work (the referred URLs will need to be automatically found using standard DNS resolution).- Parameters:
referral
- the value to set the system propertyContext.REFERRAL
to, customizing the way that referrals are handled.
-
getDirContextInstance
protected abstract javax.naming.directory.DirContext getDirContextInstance(java.util.Hashtable<java.lang.String,java.lang.Object> environment) throws javax.naming.NamingException
Implement in subclass to create a DirContext of the desired type (e.g. InitialDirContext or InitialLdapContext).- Parameters:
environment
- the environment to use when creating the instance.- Returns:
- a new DirContext instance.
- Throws:
javax.naming.NamingException
- if one is encountered when creating the instance.
-
-