Class LdapUserDetailsMapper
java.lang.Object
org.springframework.security.ldap.userdetails.LdapUserDetailsMapper
- All Implemented Interfaces:
- UserDetailsContextMapper
The context mapper used by the LDAP authentication provider to create an LDAP user
 object.
- 
Constructor SummaryConstructors
- 
Method SummaryModifier and TypeMethodDescriptionprotected GrantedAuthoritycreateAuthority(Object role) Creates a GrantedAuthority from a role attribute.protected StringmapPassword(Object passwordValue) Extension point to allow customized creation of the user's password from the attribute stored in the directory.mapUserFromContext(org.springframework.ldap.core.DirContextOperations ctx, String username, Collection<? extends GrantedAuthority> authorities) Creates a fully populated UserDetails object for use by the security framework.voidmapUserToContext(UserDetails user, org.springframework.ldap.core.DirContextAdapter ctx) Reverse of the above operation.voidsetConvertToUpperCase(boolean convertToUpperCase) Determines whether role field values will be converted to upper case when loaded.voidsetPasswordAttributeName(String passwordAttributeName) The name of the attribute which contains the user's password.voidsetRoleAttributes(String[] roleAttributes) The names of any attributes in the user's entry which represent application roles.voidsetRolePrefix(String rolePrefix) The prefix that should be applied to the role names
- 
Constructor Details- 
LdapUserDetailsMapperpublic LdapUserDetailsMapper()
 
- 
- 
Method Details- 
mapUserFromContextpublic UserDetails mapUserFromContext(org.springframework.ldap.core.DirContextOperations ctx, String username, Collection<? extends GrantedAuthority> authorities) Description copied from interface:UserDetailsContextMapperCreates a fully populated UserDetails object for use by the security framework.- Specified by:
- mapUserFromContextin interface- UserDetailsContextMapper
- Parameters:
- ctx- the context object which contains the user information.
- username- the user's supplied login name.
- Returns:
- the user object.
 
- 
mapUserToContextDescription copied from interface:UserDetailsContextMapperReverse of the above operation. Populates a context object from the supplied user object. Called when saving a user, for example.- Specified by:
- mapUserToContextin interface- UserDetailsContextMapper
 
- 
mapPasswordExtension point to allow customized creation of the user's password from the attribute stored in the directory.- Parameters:
- passwordValue- the value of the password attribute
- Returns:
- a String representation of the password.
 
- 
createAuthorityCreates a GrantedAuthority from a role attribute. Override to customize authority object creation.The default implementation converts string attributes to roles, making use of the rolePrefix and convertToUpperCase properties. Non-String attributes are ignored. - Parameters:
- role- the attribute returned from
- Returns:
- the authority to be added to the list of authorities for the user, or null if this attribute should be ignored.
 
- 
setConvertToUpperCasepublic void setConvertToUpperCase(boolean convertToUpperCase) Determines whether role field values will be converted to upper case when loaded. The default is true.- Parameters:
- convertToUpperCase- true if the roles should be converted to upper case.
 
- 
setPasswordAttributeNameThe name of the attribute which contains the user's password. Defaults to "userPassword".- Parameters:
- passwordAttributeName- the name of the attribute
 
- 
setRoleAttributesThe names of any attributes in the user's entry which represent application roles. These will be converted to GrantedAuthoritys and added to the list in the returned LdapUserDetails object. The attribute values must be Strings by default.- Parameters:
- roleAttributes- the names of the role attributes.
 
- 
setRolePrefixThe prefix that should be applied to the role names- Parameters:
- rolePrefix- the prefix (defaults to "ROLE_").
 
 
-