Class LdapAttributeMappingProvider

  • All Implemented Interfaces:
    MappingProvider<List<Attribute<String>>>

    public class LdapAttributeMappingProvider
    extends Object
    implements MappingProvider<List<Attribute<String>>>
    Maps attributes from LDAP The options include whatever options your LDAP JNDI provider supports. Examples of standard property names are: Context.INITIAL_CONTEXT_FACTORY = "java.naming.factory.initial" Context.SECURITY_PROTOCOL = "java.naming.security.protocol" Context.PROVIDER_URL = "java.naming.provider.url" Context.SECURITY_AUTHENTICATION = "java.naming.security.authentication" Other Module Options:- bindDN:The DN used to bind against the ldap server for the user and roles queries. This is some DN with read/search permissions on the baseCtxDN and rolesCtxDN values. bindCredential: The password for the bindDN. This can be encrypted if the jaasSecurityDomain is specified. baseCtxDN: The fixed DN of the context to start the user search from. baseFilter:A search filter used to locate the context of the user to authenticate. The input username/userDN as obtained from the login module callback will be substituted into the filter anywhere a "{0}" expression is seen. This substituion behavior comes from the standard __DirContext.search(Name, String, Object[], SearchControls cons)__ method. An common example search filter is "(uid={0})". searchTimeLimit:The timeout in milliseconds for the user/role searches. Defaults to 10000 (10 seconds). attributeList: A comma-separated list of attributes for the user (Example: mail,cn,sn,employeeType,employeeNumber) jaasSecurityDomain: The JMX ObjectName of the JaasSecurityDomain to use to decrypt the java.naming.security.principal. The encrypted form of the password is that returned by the JaasSecurityDomain#encrypt64(byte[]) method. The org.jboss.security.plugins.PBEUtils can also be used to generate the encrypted form.
    Since:
    August 5, 2009
    Author:
    Anil.Saldhana@redhat.com