Class LdapAttributeMappingProvider
- java.lang.Object
-
- org.jboss.security.mapping.providers.attribute.LdapAttributeMappingProvider
-
- All Implemented Interfaces:
MappingProvider<List<Attribute<String>>>
public class LdapAttributeMappingProvider extends Object implements MappingProvider<List<Attribute<String>>>
Maps attributes from LDAP The options include whatever options your LDAP JNDI provider supports. Examples of standard property names are: Context.INITIAL_CONTEXT_FACTORY = "java.naming.factory.initial" Context.SECURITY_PROTOCOL = "java.naming.security.protocol" Context.PROVIDER_URL = "java.naming.provider.url" Context.SECURITY_AUTHENTICATION = "java.naming.security.authentication" Other Module Options:- bindDN:The DN used to bind against the ldap server for the user and roles queries. This is some DN with read/search permissions on the baseCtxDN and rolesCtxDN values. bindCredential: The password for the bindDN. This can be encrypted if the jaasSecurityDomain is specified. baseCtxDN: The fixed DN of the context to start the user search from. baseFilter:A search filter used to locate the context of the user to authenticate. The input username/userDN as obtained from the login module callback will be substituted into the filter anywhere a "{0}" expression is seen. This substituion behavior comes from the standard __DirContext.search(Name, String, Object[], SearchControls cons)__ method. An common example search filter is "(uid={0})". searchTimeLimit:The timeout in milliseconds for the user/role searches. Defaults to 10000 (10 seconds). attributeList: A comma-separated list of attributes for the user (Example: mail,cn,sn,employeeType,employeeNumber) jaasSecurityDomain: The JMX ObjectName of the JaasSecurityDomain to use to decrypt the java.naming.security.principal. The encrypted form of the password is that returned by the JaasSecurityDomain#encrypt64(byte[]) method. The org.jboss.security.plugins.PBEUtils can also be used to generate the encrypted form.- Since:
- August 5, 2009
- Author:
- Anil.Saldhana@redhat.com
-
-
Field Summary
Fields Modifier and Type Field Description protected int
searchTimeLimit
-
Constructor Summary
Constructors Constructor Description LdapAttributeMappingProvider()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
init(Map<String,Object> options)
Initialize the provider with the configured module optionsvoid
performMapping(Map<String,Object> map, List<Attribute<String>> mappedObject)
Map the passed objectvoid
setMappingResult(MappingResult<List<Attribute<String>>> result)
Injected by the MappingContextboolean
supports(Class<?> clazz)
Whether this mapping provider supports mapping T
-
-
-
Method Detail
-
init
public void init(Map<String,Object> options)
Description copied from interface:MappingProvider
Initialize the provider with the configured module options- Specified by:
init
in interfaceMappingProvider<List<Attribute<String>>>
-
performMapping
public void performMapping(Map<String,Object> map, List<Attribute<String>> mappedObject)
Description copied from interface:MappingProvider
Map the passed object- Specified by:
performMapping
in interfaceMappingProvider<List<Attribute<String>>>
- Parameters:
map
- A read-only contextual map that can provide information to the providermappedObject
- an Object on which the mapping will be applied
-
setMappingResult
public void setMappingResult(MappingResult<List<Attribute<String>>> result)
Description copied from interface:MappingProvider
Injected by the MappingContext- Specified by:
setMappingResult
in interfaceMappingProvider<List<Attribute<String>>>
-
supports
public boolean supports(Class<?> clazz)
Description copied from interface:MappingProvider
Whether this mapping provider supports mapping T- Specified by:
supports
in interfaceMappingProvider<List<Attribute<String>>>
- Returns:
-
-