LdapUserDetailsMapper (Spring Security 2.0.6.RELEASE API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

Spring Security Framework

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.springframework.security.userdetails.ldap
Class LdapUserDetailsMapper

java.lang.Object
  org.springframework.security.userdetails.ldap.LdapUserDetailsMapper

All Implemented Interfaces:: UserDetailsContextMapper

public class LdapUserDetailsMapper
extends Object
implements UserDetailsContextMapper
extends Object
implements UserDetailsContextMapper

The context mapper used by the LDAP authentication provider to create an LDAP user object.

Version:: $Id$
Author:: Luke Taylor

Constructor Summary
`LdapUserDetailsMapper()`

Method Summary
`protected GrantedAuthority`	`createAuthority(Object role)` Creates a GrantedAuthority from a role attribute.
`protected String`	`mapPassword(Object passwordValue)` Extension point to allow customized creation of the user's password from the attribute stored in the directory.
`UserDetails`	`mapUserFromContext(org.springframework.ldap.core.DirContextOperations ctx, String username, GrantedAuthority[] authorities)` Creates a fully populated UserDetails object for use by the security framework.
`void`	`mapUserToContext(UserDetails user, org.springframework.ldap.core.DirContextAdapter ctx)` Reverse of the above operation.
`void`	`setConvertToUpperCase(boolean convertToUpperCase)` Determines whether role field values will be converted to upper case when loaded.
`void`	`setPasswordAttributeName(String passwordAttributeName)` The name of the attribute which contains the user's password.
`void`	`setRoleAttributes(String[] roleAttributes)` The names of any attributes in the user's entry which represent application roles.
`void`	`setRolePrefix(String rolePrefix)` The prefix that should be applied to the role names

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Constructor Detail

LdapUserDetailsMapper

public LdapUserDetailsMapper()

Method Detail

mapUserFromContext

public UserDetails mapUserFromContext(org.springframework.ldap.core.DirContextOperations ctx,
                                      String username,
                                      GrantedAuthority[] authorities)

Description copied from interface: UserDetailsContextMapper

Creates a fully populated UserDetails object for use by the security framework.

Specified by:: mapUserFromContext in interface UserDetailsContextMapper

Parameters:: ctx - the context object which contains the user information.; username - the user's supplied login name.; authorities - the list of authorities which the user should be given.
Returns:: the user object.

mapUserToContext

public void mapUserToContext(UserDetails user,
                             org.springframework.ldap.core.DirContextAdapter ctx)

Description copied from interface: UserDetailsContextMapper

Reverse of the above operation. Populates a context object from the supplied user object. Called when saving a user, for example.

Specified by:: mapUserToContext in interface UserDetailsContextMapper

mapPassword

protected String mapPassword(Object passwordValue)

Extension point to allow customized creation of the user's password from the attribute stored in the directory.

Parameters:: passwordValue - the value of the password attribute
Returns:: a String representation of the password.

createAuthority

protected GrantedAuthority createAuthority(Object role)

Creates a GrantedAuthority from a role attribute. Override to customize authority object creation.

The default implementation converts string attributes to roles, making use of the rolePrefix and convertToUpperCase properties. Non-String attributes are ignored.

Parameters:: role - the attribute returned from
Returns:: the authority to be added to the list of authorities for the user, or null if this attribute should be ignored.

setConvertToUpperCase

public void setConvertToUpperCase(boolean convertToUpperCase)

Determines whether role field values will be converted to upper case when loaded. The default is true.

Parameters:: convertToUpperCase - true if the roles should be converted to upper case.

setPasswordAttributeName

public void setPasswordAttributeName(String passwordAttributeName)

The name of the attribute which contains the user's password. Defaults to "userPassword".

Parameters:: passwordAttributeName - the name of the attribute

setRoleAttributes

public void setRoleAttributes(String[] roleAttributes)

The names of any attributes in the user's entry which represent application roles. These will be converted to GrantedAuthoritys and added to the list in the returned LdapUserDetails object. The attribute values must be Strings by default.

Parameters:: roleAttributes - the names of the role attributes.

setRolePrefix

public void setRolePrefix(String rolePrefix)

The prefix that should be applied to the role names

Parameters:: rolePrefix - the prefix (defaults to "ROLE_").