Class LdapUsersLoginModule

    • Field Detail

      • bindDN

        protected String bindDN
      • bindCredential

        protected String bindCredential
      • baseDN

        protected String baseDN
      • baseFilter

        protected String baseFilter
      • searchTimeLimit

        protected int searchTimeLimit
      • searchScope

        protected int searchScope
      • distinguishedNameAttribute

        protected String distinguishedNameAttribute
      • parseUsername

        protected boolean parseUsername
      • usernameBeginString

        protected String usernameBeginString
      • usernameEndString

        protected String usernameEndString
      • allowEmptyPasswords

        protected boolean allowEmptyPasswords
    • Constructor Detail

      • LdapUsersLoginModule

        public LdapUsersLoginModule()
    • Method Detail

      • getRoleSets

        protected Group[] getRoleSets()
                               throws LoginException
        Description copied from class: AbstractServerLoginModule
        Overriden by subclasses to return the Groups that correspond to the to the role sets assigned to the user. Subclasses should create at least a Group named "Roles" that contains the roles assigned to the user. A second common group is "CallerPrincipal" that provides the application identity of the user rather than the security domain identity.
        Specified by:
        getRoleSets in class AbstractServerLoginModule
        Returns:
        Group[] containing the sets of roles
        Throws:
        LoginException
      • initialize

        public void initialize​(Subject subject,
                               CallbackHandler callbackHandler,
                               Map<String,​?> sharedState,
                               Map<String,​?> options)
        Description copied from class: UsernamePasswordLoginModule
        Override the superclass method to look for the following options after first invoking the super version.
        Specified by:
        initialize in interface LoginModule
        Overrides:
        initialize in class UsernamePasswordLoginModule
        Parameters:
        subject - the Subject to update after a successful login.
        callbackHandler - the CallbackHandler that will be used to obtain the the user identity and credentials.
        sharedState - a Map shared between all configured login module instances
        options - : option: hashAlgorithm - the message digest algorithm used to hash passwords. If null then plain passwords will be used. option: hashCharset - the name of the charset/encoding to use when converting the password String to a byte array. Default is the platform's default encoding. option: hashEncoding - the string encoding format to use. Defaults to base64. option: ignorePasswordCase: A flag indicating if the password comparison should ignore case. option: digestCallback - The class name of the DigestCallback DigestCallback implementation that includes pre/post digest content like salts for hashing the input password. Only used if hashAlgorithm has been specified. option: hashStorePassword - A flag indicating if the store password returned from #getUsersPassword() should be hashed . option: hashUserPassword - A flag indicating if the user entered password should be hashed. option: storeDigestCallback - The class name of the DigestCallback DigestCallback implementation that includes pre/post digest content like salts for hashing the store/expected password. Only used if hashStorePassword or hashUserPassword is true and hashAlgorithm has been specified.
      • validatePassword

        protected boolean validatePassword​(String inputPassword,
                                           String expectedPassword)
        Description copied from class: UsernamePasswordLoginModule
        A hook that allows subclasses to change the validation of the input password against the expected password. This version checks that neither inputPassword or expectedPassword are null that that inputPassword.equals(expectedPassword) is true;
        Overrides:
        validatePassword in class UsernamePasswordLoginModule
        Returns:
        true if the inputPassword is valid, false otherwise.