Class NestedLdapAuthoritiesPopulator

  • All Implemented Interfaces:
    LdapAuthoritiesPopulator

    public class NestedLdapAuthoritiesPopulator
    extends DefaultLdapAuthoritiesPopulator
    A LDAP authority populator that can recursively search static nested groups.

    An example of nested groups can be

      #Nested groups data
    
      dn: uid=javadude,ou=people,dc=springframework,dc=org
      objectclass: top
      objectclass: person
      objectclass: organizationalPerson
      objectclass: inetOrgPerson
      cn: Java Dude
      sn: Dude
      uid: javadude
      userPassword: javadudespassword
    
      dn: uid=groovydude,ou=people,dc=springframework,dc=org
      objectclass: top
      objectclass: person
      objectclass: organizationalPerson
      objectclass: inetOrgPerson
      cn: Groovy Dude
      sn: Dude
      uid: groovydude
      userPassword: groovydudespassword
    
      dn: uid=closuredude,ou=people,dc=springframework,dc=org
      objectclass: top
      objectclass: person
      objectclass: organizationalPerson
      objectclass: inetOrgPerson
      cn: Closure Dude
      sn: Dude
      uid: closuredude
      userPassword: closuredudespassword
    
      dn: uid=scaladude,ou=people,dc=springframework,dc=org
      objectclass: top
      objectclass: person
      objectclass: organizationalPerson
      objectclass: inetOrgPerson
      cn: Scala Dude
      sn: Dude
      uid: scaladude
      userPassword: scaladudespassword
    
      dn: cn=j-developers,ou=jdeveloper,dc=springframework,dc=org
      objectclass: top
      objectclass: groupOfNames
      cn: j-developers
      ou: jdeveloper
      member: cn=java-developers,ou=groups,dc=springframework,dc=org
    
      dn: cn=java-developers,ou=jdeveloper,dc=springframework,dc=org
      objectclass: top
      objectclass: groupOfNames
      cn: java-developers
      ou: jdeveloper
      member: cn=groovy-developers,ou=groups,dc=springframework,dc=org
      member: cn=scala-developers,ou=groups,dc=springframework,dc=org
      member: uid=javadude,ou=people,dc=springframework,dc=org
    
      dn: cn=groovy-developers,ou=jdeveloper,dc=springframework,dc=org
      objectclass: top
      objectclass: groupOfNames
      cn: java-developers
      ou: jdeveloper
      member: cn=closure-developers,ou=groups,dc=springframework,dc=org
      member: uid=groovydude,ou=people,dc=springframework,dc=org
    
      dn: cn=closure-developers,ou=jdeveloper,dc=springframework,dc=org
      objectclass: top
      objectclass: groupOfNames
      cn: java-developers
      ou: jdeveloper
      member: uid=closuredude,ou=people,dc=springframework,dc=org
    
      dn: cn=scala-developers,ou=jdeveloper,dc=springframework,dc=org
      objectclass: top
      objectclass: groupOfNames
      cn: java-developers
      ou: jdeveloper
      member: uid=scaladude,ou=people,dc=springframework,dc=org *
     
    • Constructor Detail

      • NestedLdapAuthoritiesPopulator

        public NestedLdapAuthoritiesPopulator​(org.springframework.ldap.core.ContextSource contextSource,
                                              java.lang.String groupSearchBase)
        Constructor for group search scenarios. userRoleAttributes may still be set as a property.
        Parameters:
        contextSource - supplies the contexts used to search for user roles.
        groupSearchBase - if this is an empty string the search will be performed from the root DN of the
    • Method Detail

      • setAttributeNames

        public void setAttributeNames​(java.util.Set<java.lang.String> attributeNames)
        Sets the attribute names to retrieve for each ldap groups. Null means retrieve all
        Parameters:
        attributeNames - - the names of the LDAP attributes to retrieve
      • setMaxSearchDepth

        public void setMaxSearchDepth​(int maxSearchDepth)
        How far should a nested search go. Depth is calculated in the number of levels we search up for parent groups.
        Parameters:
        maxSearchDepth - the max search depth