Package org.springframework.security.ldap.authentication

Class PasswordComparisonAuthenticator

java.lang.Object
org.springframework.security.ldap.authentication.AbstractLdapAuthenticator
org.springframework.security.ldap.authentication.PasswordComparisonAuthenticator
All Implemented Interfaces:
org.springframework.beans.factory.Aware, org.springframework.beans.factory.InitializingBean, org.springframework.context.MessageSourceAware, LdapAuthenticator
public final class PasswordComparisonAuthenticator extends AbstractLdapAuthenticator
An LdapAuthenticator which compares the login password with the value stored in the directory using a remote LDAP "compare" operation.

If passwords are stored in digest form in the repository, then a suitable PasswordEncoder implementation must be supplied. By default, passwords are encoded using the LdapShaPasswordEncoder. Note that compare operations will not work if salted-SHA (SSHA) passwords are used, as it is not possible to know the salt value which is a random byte sequence generated by the directory.

  • Constructor Details

    • PasswordComparisonAuthenticator

      public PasswordComparisonAuthenticator(org.springframework.ldap.core.support.BaseLdapPathContextSource contextSource)

  • Method Details

    • authenticate

      public org.springframework.ldap.core.DirContextOperations authenticate(Authentication authentication)
      Description copied from interface: LdapAuthenticator
      Authenticates as a user and obtains additional user information from the directory.
      Returns:
      the details of the successfully authenticated user.

    • setPasswordAttributeName

      public void setPasswordAttributeName(String passwordAttribute)

    • setUsePasswordAttrCompare

      public void setUsePasswordAttrCompare(boolean usePasswordAttrCompare)

    • setPasswordEncoder

      public void setPasswordEncoder(PasswordEncoder passwordEncoder)