Package org.springframework.security.config.ldap

Class AbstractLdapAuthenticationManagerFactory<T extends AbstractLdapAuthenticator>

java.lang.Object

org.springframework.security.config.ldap.AbstractLdapAuthenticationManagerFactory<T>

Direct Known Subclasses:

LdapBindAuthenticationManagerFactory, LdapPasswordComparisonAuthenticationManagerFactory

public abstract class AbstractLdapAuthenticationManagerFactory<T extends AbstractLdapAuthenticator>
extends java.lang.Object

Creates an AuthenticationManager that can perform LDAP authentication.

Since:

5.7

Method Summary

Modifier and Type	Method	Description
AuthenticationManager	createAuthenticationManager()	Returns the configured AuthenticationManager that can be used to perform LDAP authentication.
protected abstract T	createDefaultLdapAuthenticator()	Allows subclasses to supply the default AbstractLdapAuthenticator.
protected org.springframework.ldap.core.support.BaseLdapPathContextSource	getContextSource()	Gets the BaseLdapPathContextSource used to perform LDAP authentication.
void	setAuthoritiesMapper(GrantedAuthoritiesMapper authoritiesMapper)	Sets the GrantedAuthoritiesMapper used for converting the authorities loaded from storage to a new set of authorities which will be associated to the UsernamePasswordAuthenticationToken.
void	setContextSource(org.springframework.ldap.core.support.BaseLdapPathContextSource contextSource)	Sets the BaseLdapPathContextSource used to perform LDAP authentication.
void	setLdapAuthoritiesPopulator(LdapAuthoritiesPopulator ldapAuthoritiesPopulator)	Sets the LdapAuthoritiesPopulator used to obtain a list of granted authorities for an LDAP user.
void	setUserDetailsContextMapper(UserDetailsContextMapper userDetailsContextMapper)	Sets a custom strategy to be used for creating the UserDetails which will be stored as the principal in the Authentication.
void	setUserDnPatterns(java.lang.String... userDnPatterns)	If your users are at a fixed location in the directory (i.e.
void	setUserSearchBase(java.lang.String userSearchBase)	Search base for user searches.
void	setUserSearchFilter(java.lang.String userSearchFilter)	The LDAP filter used to search for users (optional).

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

setContextSource

public void setContextSource(org.springframework.ldap.core.support.BaseLdapPathContextSource contextSource)

Sets the BaseLdapPathContextSource used to perform LDAP authentication.

Parameters:

contextSource - the BaseLdapPathContextSource used to perform LDAP authentication

getContextSource

protected final org.springframework.ldap.core.support.BaseLdapPathContextSource getContextSource()

Gets the BaseLdapPathContextSource used to perform LDAP authentication.

Returns:

the BaseLdapPathContextSource used to perform LDAP authentication

setLdapAuthoritiesPopulator

public void setLdapAuthoritiesPopulator(LdapAuthoritiesPopulator ldapAuthoritiesPopulator)

Sets the LdapAuthoritiesPopulator used to obtain a list of granted authorities for an LDAP user.

Parameters:

ldapAuthoritiesPopulator - the LdapAuthoritiesPopulator to use

setAuthoritiesMapper

public void setAuthoritiesMapper(GrantedAuthoritiesMapper authoritiesMapper)

Sets the GrantedAuthoritiesMapper used for converting the authorities loaded from storage to a new set of authorities which will be associated to the UsernamePasswordAuthenticationToken.

Parameters:

authoritiesMapper - the GrantedAuthoritiesMapper used for mapping the user's authorities

setUserDetailsContextMapper

public void setUserDetailsContextMapper(UserDetailsContextMapper userDetailsContextMapper)

Sets a custom strategy to be used for creating the UserDetails which will be stored as the principal in the Authentication.

Parameters:

userDetailsContextMapper - the strategy instance

setUserDnPatterns

public void setUserDnPatterns(java.lang.String... userDnPatterns)

If your users are at a fixed location in the directory (i.e. you can work out the DN directly from the username without doing a directory search), you can use this attribute to map directly to the DN. It maps directly to the userDnPatterns property of AbstractLdapAuthenticator. The value is a specific pattern used to build the user's DN, for example "uid={0},ou=people". The key "{0}" must be present and will be substituted with the username.

Parameters:

userDnPatterns - the LDAP patterns for finding the usernames

setUserSearchFilter

public void setUserSearchFilter(java.lang.String userSearchFilter)

The LDAP filter used to search for users (optional). For example "(uid={0})". The substituted parameter is the user's login name.

Parameters:

userSearchFilter - the LDAP filter used to search for users

setUserSearchBase

public void setUserSearchBase(java.lang.String userSearchBase)

Search base for user searches. Defaults to "". Only used with setUserSearchFilter(String).

Parameters:

userSearchBase - search base for user searches

createAuthenticationManager

public final AuthenticationManager createAuthenticationManager()

Returns the configured AuthenticationManager that can be used to perform LDAP authentication.

Returns:

the configured AuthenticationManager

createDefaultLdapAuthenticator

protected abstract T createDefaultLdapAuthenticator()

Allows subclasses to supply the default AbstractLdapAuthenticator.

Returns:

the AbstractLdapAuthenticator that will be configured for LDAP authentication