Package org.ldaptive.auth
Class AbstractSearchEntryResolver
- java.lang.Object
-
- org.ldaptive.AbstractSearchOperationFactory
-
- org.ldaptive.auth.AbstractSearchEntryResolver
-
- All Implemented Interfaces:
EntryResolver
,ConnectionFactoryManager
- Direct Known Subclasses:
AuthorizationIdentityEntryResolver
,SearchEntryResolver
,WhoAmIEntryResolver
public abstract class AbstractSearchEntryResolver extends AbstractSearchOperationFactory implements EntryResolver
Base implementation for search entry resolvers. Uses an object level search on theAuthenticationCriteria.getDn()
if nouserFilter
is configured. If auserFilter
is configured, then a search is executed using that filter.- Author:
- Middleware Services
-
-
Field Summary
-
Fields inherited from class org.ldaptive.AbstractSearchOperationFactory
logger
-
-
Constructor Summary
Constructors Constructor Description AbstractSearchEntryResolver()
-
Method Summary
All Methods Instance Methods Abstract Methods Concrete Methods Modifier and Type Method Description protected FilterTemplate
createFilterTemplate(AuthenticationCriteria ac)
Returns a filter template usinguserFilter
anduserFilterParameters
.protected SearchRequest
createSearchRequest(AuthenticationCriteria ac)
Returns a search request for the supplied authentication criteria.boolean
getAllowMultipleEntries()
Returns whether entry resolution should fail if multiple entries are found.java.lang.String
getBaseDn()
Returns the base DN.java.lang.String[]
getBinaryAttributes()
Returns names of binary attributes.DerefAliases
getDerefAliases()
Returns how to dereference aliases.boolean
getSubtreeSearch()
Returns whether subtree searching will be used.java.lang.String
getUserFilter()
Returns the filter used to search for the user.java.lang.Object[]
getUserFilterParameters()
Returns the filter parameters used to search for the user.protected abstract SearchResponse
performLdapSearch(AuthenticationCriteria criteria, AuthenticationHandlerResponse response)
Executes an ldap search with the supplied authentication criteria.LdapEntry
resolve(AuthenticationCriteria criteria, AuthenticationHandlerResponse response)
Attempts to find the LDAP entry for the supplied authentication criteria and authentication handler response.void
setAllowMultipleEntries(boolean b)
Sets whether entry resolution should fail if multiple entries are found.void
setBaseDn(java.lang.String dn)
Sets the base DN.void
setBinaryAttributes(java.lang.String... attrs)
Sets names of binary attributes.void
setDerefAliases(DerefAliases da)
Sets how to dereference aliases.void
setSubtreeSearch(boolean b)
Sets whether subtree searching will be used.void
setUserFilter(java.lang.String filter)
Sets the filter used to search for the user.void
setUserFilterParameters(java.lang.Object[] filterParams)
Sets the filter parameters used to search for the user.-
Methods inherited from class org.ldaptive.AbstractSearchOperationFactory
createSearchOperation, createSearchOperation, getConnectionFactory, getEntryHandlers, getExceptionHandler, getResultHandlers, getSearchResultHandlers, setConnectionFactory, setEntryHandlers, setExceptionHandler, setResultHandlers, setSearchResultHandlers
-
-
-
-
Method Detail
-
getBaseDn
public java.lang.String getBaseDn()
Returns the base DN.- Returns:
- base DN
-
setBaseDn
public void setBaseDn(java.lang.String dn)
Sets the base DN.- Parameters:
dn
- base DN
-
getUserFilter
public java.lang.String getUserFilter()
Returns the filter used to search for the user.- Returns:
- filter for searching
-
setUserFilter
public void setUserFilter(java.lang.String filter)
Sets the filter used to search for the user.- Parameters:
filter
- for searching
-
getUserFilterParameters
public java.lang.Object[] getUserFilterParameters()
Returns the filter parameters used to search for the user.- Returns:
- filter parameters
-
setUserFilterParameters
public void setUserFilterParameters(java.lang.Object[] filterParams)
Sets the filter parameters used to search for the user.- Parameters:
filterParams
- filter parameters
-
getAllowMultipleEntries
public boolean getAllowMultipleEntries()
Returns whether entry resolution should fail if multiple entries are found.- Returns:
- whether an exception will be thrown if multiple entries are found
-
setAllowMultipleEntries
public void setAllowMultipleEntries(boolean b)
Sets whether entry resolution should fail if multiple entries are found. If false an exception will be thrown ifresolve(AuthenticationCriteria, AuthenticationHandlerResponse)
finds more than one entry matching it's filter. Otherwise the first entry found is returned.- Parameters:
b
- whether multiple entries are allowed
-
getSubtreeSearch
public boolean getSubtreeSearch()
Returns whether subtree searching will be used.- Returns:
- whether the entry will be searched for over the entire base
-
setSubtreeSearch
public void setSubtreeSearch(boolean b)
Sets whether subtree searching will be used. If true, the entry will be searched for over the entiregetBaseDn()
. Otherwise the entry will be searched for in thegetBaseDn()
context.- Parameters:
b
- whether the entry will be searched for over the entire base
-
getDerefAliases
public DerefAliases getDerefAliases()
Returns how to dereference aliases.- Returns:
- how to dereference aliases
-
setDerefAliases
public void setDerefAliases(DerefAliases da)
Sets how to dereference aliases.- Parameters:
da
- how to dereference aliases
-
getBinaryAttributes
public java.lang.String[] getBinaryAttributes()
Returns names of binary attributes.- Returns:
- binary attribute names
-
setBinaryAttributes
public void setBinaryAttributes(java.lang.String... attrs)
Sets names of binary attributes.- Parameters:
attrs
- binary attribute names
-
performLdapSearch
protected abstract SearchResponse performLdapSearch(AuthenticationCriteria criteria, AuthenticationHandlerResponse response) throws LdapException
Executes an ldap search with the supplied authentication criteria.- Parameters:
criteria
- authentication criteria associated with the userresponse
- response from the authentication event- Returns:
- search result
- Throws:
LdapException
- if an error occurs attempting the search
-
createFilterTemplate
protected FilterTemplate createFilterTemplate(AuthenticationCriteria ac)
Returns a filter template usinguserFilter
anduserFilterParameters
.User.getIdentifier()
is injected with a named parameter of 'user',User.getContext()
is injected with a named parameter of 'context', andAuthenticationCriteria.getDn()
is injected with a named parameter of 'dn'.- Parameters:
ac
- authentication criteria- Returns:
- filter template
-
createSearchRequest
protected SearchRequest createSearchRequest(AuthenticationCriteria ac)
Returns a search request for the supplied authentication criteria. If nouserFilter
is defined then an object level search on the authentication criteria DN is returned. Otherwise theuserFilter
,baseDn
andsubtreeSearch
are used to create the search request.- Parameters:
ac
- authentication criteria containing a DN- Returns:
- search request
-
resolve
public LdapEntry resolve(AuthenticationCriteria criteria, AuthenticationHandlerResponse response) throws LdapException
Description copied from interface:EntryResolver
Attempts to find the LDAP entry for the supplied authentication criteria and authentication handler response. The connection available in the response should not be closed in this method.- Specified by:
resolve
in interfaceEntryResolver
- Parameters:
criteria
- authentication criteria used to perform the authenticationresponse
- produced by the authentication handler- Returns:
- ldap entry
- Throws:
LdapException
- if an LDAP error occurs
-
-