org.springframework.security.ldap
Class DefaultSpringSecurityContextSource
java.lang.Object
org.springframework.ldap.core.support.AbstractContextSource
org.springframework.ldap.core.support.LdapContextSource
org.springframework.security.ldap.DefaultSpringSecurityContextSource
- All Implemented Interfaces:
- InitializingBean, ContextSource, BaseLdapPathContextSource, BaseLdapPathSource
- Direct Known Subclasses:
- PasswordPolicyAwareContextSource
public class DefaultSpringSecurityContextSource
- extends LdapContextSource
ContextSource implementation which uses Spring LDAP's LdapContextSource as a base
class. Used internally by the Spring Security LDAP namespace configuration.
From Spring Security 3.0, Spring LDAP 1.3 is used and the ContextSource interface
provides support for binding with a username and password. As a result, Spring LDAP ContextSource
implementations such as LdapContextSource may be used directly with Spring Security.
Spring LDAP 1.3 doesn't have JVM-level LDAP connection pooling enabled by default. This class sets the
pooled property to true, but customizes the DirContextAuthenticationStrategy so that
pooling is disabled when the DN doesn't match the userDn property. This prevents pooling for calls
to AbstractContextSource.getContext(String, String) made to authenticate as specific users.
- Since:
- 2.0
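The pooling rule in the class description above, as an added example that is not Spring Security's own code: it uses only the JDK's JNDI classes, and the class name, method name, DNs and passwords are constructed for illustration. No LDAP connection is opened; the program only builds the environment a bind would use and reports whether the pooling flag survived.

```java
import java.util.Hashtable;
import javax.naming.Context;

public class PoolingDecisionExample {
    // JNDI environment key that switches on the JDK's built-in LDAP connection pooling.
    static final String POOLING_FLAG = "com.sun.jndi.ldap.connect.pool";

    /**
     * Builds the JNDI environment for a simple bind as bindDn.
     * The pooling flag is kept only when bindDn equals the configured userDn;
     * a bind made to authenticate any other DN gets an unpooled environment.
     * Assumption: DNs are compared as plain strings, without normalization.
     */
    static Hashtable<String, Object> environmentFor(String providerUrl, String userDn,
                                                    String bindDn, String password) {
        Hashtable<String, Object> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, providerUrl);
        env.put(POOLING_FLAG, "true"); // corresponds to pooled = true
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, bindDn);
        env.put(Context.SECURITY_CREDENTIALS, password);
        if (!bindDn.equals(userDn)) {
            // This bind authenticates a specific user, so it must not be pooled.
            env.remove(POOLING_FLAG);
        }
        return env;
    }

    public static void main(String[] args) {
        // Constructed sample values, not taken from any real directory.
        String url = "ldap://localhost:389/dc=company,dc=com";
        String userDn = "cn=manager,dc=company,dc=com";
        String endUserDn = "uid=alice,ou=people,dc=company,dc=com";

        Hashtable<String, Object> managerEnv =
                environmentFor(url, userDn, userDn, "manager-secret");
        Hashtable<String, Object> endUserEnv =
                environmentFor(url, userDn, endUserDn, "alice-secret");

        System.out.println("bind as userDn pooled:   " + managerEnv.containsKey(POOLING_FLAG));
        System.out.println("bind as end user pooled: " + endUserEnv.containsKey(POOLING_FLAG));
    }
}
```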
Field Summary
protected org.apache.commons.logging.Log logger
Methods inherited from class org.springframework.ldap.core.support.AbstractContextSource
afterPropertiesSet, assembleProviderUrlString, createContext, getAnonymousEnv, getAuthenticatedEnv, getAuthenticationSource, getBase, getBaseLdapPath, getBaseLdapPathAsString, getContext, getContextFactory, getDirObjectFactory, getReadOnlyContext, getReadWriteContext, getUrls, isAnonymousReadOnly, isPooled, setAnonymousReadOnly, setAuthenticationSource, setAuthenticationStrategy, setBase, setBaseEnvironmentProperties, setCacheEnvironmentProperties, setContextFactory, setDirObjectFactory, setPassword, setPooled, setReferral, setupAuthenticatedEnvironment, setUrl, setUrls, setUserDn
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
logger
protected final org.apache.commons.logging.Log logger
DefaultSpringSecurityContextSource
public DefaultSpringSecurityContextSource(String providerUrl)
- Create and initialize an instance which will connect to the supplied LDAP URL. If you
want to use more than one server for fail-over, use the
DefaultSpringSecurityContextSource(List, String) constructor instead.
- Parameters:
providerUrl - an LDAP URL of the form ldap://localhost:389/base_dn
DefaultSpringSecurityContextSource
public DefaultSpringSecurityContextSource(List<String> urls,
String baseDn)
- Create and initialize an instance of the LDAP Spring Security
Context Source. It will connect to any of the provided LDAP server URLs.
- Parameters:
urls - A list of string values which are LDAP server URLs. An example would be
ldap://ldap.company.com:389. LDAPS URLs (SSL-secured) may be used as well,
given that Spring Security is able to connect to the server.
Note that these URLs must not include the base DN!
baseDn - The common Base DN for all provided servers, e.g. dc=company,dc=com.