Package edu.vt.middleware.ldap.auth
Class Authenticator
- java.lang.Object
-
- edu.vt.middleware.ldap.auth.AbstractAuthenticator<AuthenticatorConfig>
-
- edu.vt.middleware.ldap.auth.Authenticator
-
- All Implemented Interfaces:
java.io.Serializable
- Direct Known Subclasses:
JaasAuthenticator
public class Authenticator extends AbstractAuthenticator<AuthenticatorConfig> implements java.io.Serializable
Authenticator
contains functions for authenticating a user against an LDAP.- Version:
- $Revision: 1330 $ $Date: 2010-05-24 00:10:53 +0200 (Mon, 24 May 2010) $
- Author:
- Middleware Services
- See Also:
- Serialized Form
-
-
Field Summary
-
Fields inherited from class edu.vt.middleware.ldap.auth.AbstractAuthenticator
config, logger
-
-
Constructor Summary
Constructors Constructor Description Authenticator()
Default constructor.Authenticator(AuthenticatorConfig authConfig)
This will create a newAuthenticator
with the suppliedAuthenticatorConfig
.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description boolean
authenticate()
This will authenticate by binding to the LDAP using parameters given byAuthenticatorConfig.setUser(java.lang.String)
andAuthenticatorConfig.setCredential(java.lang.Object)
.javax.naming.directory.Attributes
authenticate(java.lang.String[] retAttrs)
This will authenticate by binding to the LDAP using parameters given byAuthenticatorConfig.setUser(java.lang.String)
andAuthenticatorConfig.setCredential(java.lang.Object)
.boolean
authenticate(java.lang.String user, java.lang.Object credential)
This will authenticate by binding to the LDAP with the supplied user and credential.boolean
authenticate(java.lang.String user, java.lang.Object credential, AuthenticationResultHandler[] authHandler, AuthorizationHandler[] authzHandler)
This will authenticate by binding to the LDAP with the supplied user and credential.boolean
authenticate(java.lang.String user, java.lang.Object credential, SearchFilter filter)
This will authenticate by binding to the LDAP with the supplied user and credential.javax.naming.directory.Attributes
authenticate(java.lang.String user, java.lang.Object credential, SearchFilter filter, java.lang.String[] retAttrs)
This will authenticate by binding to the LDAP with the supplied user and credential.javax.naming.directory.Attributes
authenticate(java.lang.String user, java.lang.Object credential, java.lang.String[] retAttrs)
This will authenticate by binding to the LDAP with the supplied user and credential.javax.naming.directory.Attributes
authenticate(java.lang.String user, java.lang.Object credential, java.lang.String[] retAttrs, AuthenticationResultHandler[] authHandler, AuthorizationHandler[] authzHandler)
This will authenticate by binding to the LDAP with the supplied user and credential.AuthenticatorConfig
getAuthenticatorConfig()
This returns theAuthenticatorConfig
of theAuthenticator
.java.lang.String
getDn(java.lang.String user)
This will attempt to find the LDAP DN for the supplied user.void
loadFromProperties()
This will set the config parameters of thisAuthenticator
using the default properties file, which must be located in your classpath.void
loadFromProperties(java.io.InputStream is)
This will set the config parameters of thisAuthenticator
using the supplied input stream.-
Methods inherited from class edu.vt.middleware.ldap.auth.AbstractAuthenticator
authenticateAndAuthorize, authenticateAndAuthorize, close, setAuthenticatorConfig
-
-
-
-
Constructor Detail
-
Authenticator
public Authenticator()
Default constructor.
-
Authenticator
public Authenticator(AuthenticatorConfig authConfig)
This will create a newAuthenticator
with the suppliedAuthenticatorConfig
.- Parameters:
authConfig
-AuthenticatorConfig
-
-
Method Detail
-
getAuthenticatorConfig
public AuthenticatorConfig getAuthenticatorConfig()
This returns theAuthenticatorConfig
of theAuthenticator
.- Returns:
AuthenticatorConfig
-
loadFromProperties
public void loadFromProperties()
This will set the config parameters of thisAuthenticator
using the default properties file, which must be located in your classpath.
-
loadFromProperties
public void loadFromProperties(java.io.InputStream is)
This will set the config parameters of thisAuthenticator
using the supplied input stream.- Parameters:
is
-InputStream
-
getDn
public java.lang.String getDn(java.lang.String user) throws javax.naming.NamingException
This will attempt to find the LDAP DN for the supplied user.AuthenticatorConfig.dnResolver
is invoked to perform this operation.- Parameters:
user
-String
to find dn for- Returns:
String
- user's dn- Throws:
javax.naming.NamingException
- an LDAP error occurs
-
authenticate
public boolean authenticate() throws javax.naming.NamingException
This will authenticate by binding to the LDAP using parameters given byAuthenticatorConfig.setUser(java.lang.String)
andAuthenticatorConfig.setCredential(java.lang.Object)
. Seeauthenticate(String, Object)
.- Returns:
boolean
- whether the bind succeeded- Throws:
javax.naming.NamingException
- if the authentication fails for any other reason than invalid credentials
-
authenticate
public boolean authenticate(java.lang.String user, java.lang.Object credential) throws javax.naming.NamingException
This will authenticate by binding to the LDAP with the supplied user and credential. IfAuthenticatorConfig.setAuthorizationFilter(java.lang.String)
has been called, then it will be used to authorize the user by performing an ldap compare. Seeauthenticate(String, Object, SearchFilter)
.- Parameters:
user
-String
username for bindcredential
-Object
credential for bind- Returns:
boolean
- whether the bind succeeded- Throws:
javax.naming.NamingException
- if the authentication fails for any other reason than invalid credentials
-
authenticate
public boolean authenticate(java.lang.String user, java.lang.Object credential, SearchFilter filter) throws javax.naming.NamingException
This will authenticate by binding to the LDAP with the supplied user and credential. If the supplied filter is not null it will be injected into a new instance of CompareAuthorizationHandler and set as the first AuthorizationHandler to execute. IfAuthenticatorConfig.setAuthenticationResultHandlers( AuthenticationResultHandler[])
has been called, then it will be used to post process authentication results. Seeauthenticate(String, Object, AuthenticationResultHandler[], AuthorizationHandler[])
.- Parameters:
user
-String
username for bindcredential
-Object
credential for bindfilter
-SearchFilter
to authorize user- Returns:
boolean
- whether the bind succeeded- Throws:
javax.naming.NamingException
- if the authentication fails for any other reason than invalid credentials
-
authenticate
public boolean authenticate(java.lang.String user, java.lang.Object credential, AuthenticationResultHandler[] authHandler, AuthorizationHandler[] authzHandler) throws javax.naming.NamingException
This will authenticate by binding to the LDAP with the supplied user and credential. The user's DN will be looked up before performing the bind by callingDnResolver.resolve(String)
. SeeAbstractAuthenticator.authenticateAndAuthorize(String, Object, AuthenticationResultHandler[], AuthorizationHandler[])
.- Parameters:
user
-String
username for bindcredential
-Object
credential for bindauthHandler
-AuthenticationResultHandler[]
to post process authentication resultsauthzHandler
-AuthorizationHandler[]
to process authorization after authentication- Returns:
boolean
- whether the bind succeeded- Throws:
javax.naming.NamingException
- if the authentication fails for any other reason than invalid credentials
-
authenticate
public javax.naming.directory.Attributes authenticate(java.lang.String[] retAttrs) throws javax.naming.NamingException
This will authenticate by binding to the LDAP using parameters given byAuthenticatorConfig.setUser(java.lang.String)
andAuthenticatorConfig.setCredential(java.lang.Object)
. Seeauthenticate(String,Object,String[])
- Parameters:
retAttrs
-String[]
attributes to return- Returns:
Attributes
- of authenticated user- Throws:
javax.naming.NamingException
- if any of the ldap operations fail
-
authenticate
public javax.naming.directory.Attributes authenticate(java.lang.String user, java.lang.Object credential, java.lang.String[] retAttrs) throws javax.naming.NamingException
This will authenticate by binding to the LDAP with the supplied user and credential. IfAuthenticatorConfig.setAuthorizationFilter(java.lang.String)
has been called, then it will be used to authorize the user by performing an ldap compare. Seeauthenticate(String, Object, SearchFilter, String[])
- Parameters:
user
-String
username for bindcredential
-Object
credential for bindretAttrs
-String[]
to return- Returns:
Attributes
- of authenticated user- Throws:
javax.naming.NamingException
- if any of the ldap operations fail
-
authenticate
public javax.naming.directory.Attributes authenticate(java.lang.String user, java.lang.Object credential, SearchFilter filter, java.lang.String[] retAttrs) throws javax.naming.NamingException
This will authenticate by binding to the LDAP with the supplied user and credential. If the supplied filter is not null it will be injected into a new instance of CompareAuthorizationHandler and set as the first AuthorizationHandler to execute. Seeauthenticate(String, Object, String[], AuthenticationResultHandler[], AuthorizationHandler[])
.- Parameters:
user
-String
username for bindcredential
-Object
credential for bindfilter
-SearchFilter
to authorize userretAttrs
-String[]
to return- Returns:
Attributes
- of authenticated user- Throws:
javax.naming.NamingException
- if any of the ldap operations fail
-
authenticate
public javax.naming.directory.Attributes authenticate(java.lang.String user, java.lang.Object credential, java.lang.String[] retAttrs, AuthenticationResultHandler[] authHandler, AuthorizationHandler[] authzHandler) throws javax.naming.NamingException
This will authenticate by binding to the LDAP with the supplied user and credential. The user's DN will be looked up before performing the bind by callingDnResolver.resolve(String)
. SeeAbstractAuthenticator.authenticateAndAuthorize(String, Object, boolean, String[], AuthenticationResultHandler[], AuthorizationHandler[])
.- Parameters:
user
-String
username for bindcredential
-Object
credential for bindretAttrs
-String[]
to returnauthHandler
-AuthenticationResultHandler[]
to post process authentication resultsauthzHandler
-AuthorizationHandler[]
to process authorization after authentication- Returns:
Attributes
- of authenticated user- Throws:
javax.naming.NamingException
- if any of the ldap operations fail
-
-