Class LdapAuthority

java.lang.Object
org.springframework.security.ldap.userdetails.LdapAuthority
All Implemented Interfaces:
Serializable, GrantedAuthority

public class LdapAuthority extends Object implements GrantedAuthority
An authority that contains at least a DN and a role name for an LDAP entry but can also contain other desired attributes to be fetched during an LDAP authority search.
See Also:
  • Constructor Details

    • LdapAuthority

      public LdapAuthority(String role, String dn)
      Constructs an LdapAuthority that has a role and a DN but no other attributes
      Parameters:
      role - the principal's role
      dn - the distinguished name
    • LdapAuthority

      public LdapAuthority(String role, String dn, Map<String,List<String>> attributes)
      Constructs an LdapAuthority with the given role, DN and other LDAP attributes
      Parameters:
      role - the principal's role
      dn - the distinguished name
      attributes - additional LDAP attributes
  • Method Details

    • getAttributes

      public Map<String,List<String>> getAttributes()
      Returns the LDAP attributes
      Returns:
      the LDAP attributes, map can be null
    • getDn

      public String getDn()
      Returns the DN for this LDAP authority
      Returns:
      the distinguished name
    • getAttributeValues

      public List<String> getAttributeValues(String name)
      Returns the values for a specific attribute
      Parameters:
      name - the attribute name
      Returns:
      a String array, never null but may be zero length
    • getFirstAttributeValue

      public String getFirstAttributeValue(String name)
      Returns the first attribute value for a specified attribute
      Parameters:
      name - the attribute name
      Returns:
      the first attribute value for a specified attribute, may be null
    • getAuthority

      public String getAuthority()
      Description copied from interface: GrantedAuthority
      If the GrantedAuthority can be represented as a String and that String is sufficient in precision to be relied upon for an access control decision by an AccessDecisionManager (or delegate), this method should return such a String.

      If the GrantedAuthority cannot be expressed with sufficient precision as a String, null should be returned. Returning null will require an AccessDecisionManager (or delegate) to specifically support the GrantedAuthority implementation, so returning null should be avoided unless actually required.

      Specified by:
      getAuthority in interface GrantedAuthority
      Returns:
      a representation of the granted authority (or null if the granted authority cannot be expressed as a String with sufficient precision).
    • equals

      public boolean equals(Object obj)
      Compares the LdapAuthority based on getAuthority() and getDn() values.
      Overrides:
      equals in class Object
    • hashCode

      public int hashCode()
      Overrides:
      hashCode in class Object
    • toString

      public String toString()
      Overrides:
      toString in class Object