|
spring-security-ldap | ||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | ||||||||
java.lang.Objectorg.springframework.security.ldap.userdetails.LdapUserDetailsManager
public class LdapUserDetailsManager
An Ldap implementation of UserDetailsManager.
It is designed around a standard setup where users and groups/roles are stored under separate contexts, defined by the "userDnBase" and "groupSearchBase" properties respectively.
In this case, LDAP is being used purely to retrieve information and this class can be used in place of any other UserDetailsService for authentication. Authentication isn't performed directly against the directory, unlike with the LDAP authentication provider setup.
| Constructor Summary | |
|---|---|
LdapUserDetailsManager(ContextSource contextSource)
|
|
| Method Summary | |
|---|---|
protected void |
addAuthorities(DistinguishedName userDn,
Collection<org.springframework.security.core.GrantedAuthority> authorities)
|
protected DistinguishedName |
buildGroupDn(String group)
Creates a DN from a group name. |
void |
changePassword(String oldPassword,
String newPassword)
Changes the password for the current user. |
protected void |
copyToContext(org.springframework.security.core.userdetails.UserDetails user,
DirContextAdapter ctx)
|
void |
createUser(org.springframework.security.core.userdetails.UserDetails user)
|
void |
deleteUser(String username)
|
org.springframework.security.core.userdetails.UserDetails |
loadUserByUsername(String username)
|
protected void |
removeAuthorities(DistinguishedName userDn,
List<org.springframework.security.core.GrantedAuthority> authorities)
|
void |
setAttributesToRetrieve(String[] attributesToRetrieve)
|
void |
setGroupMemberAttributeName(String groupMemberAttributeName)
Sets the name of the multi-valued attribute which holds the DNs of users who are members of a group. |
void |
setGroupRoleAttributeName(String groupRoleAttributeName)
|
void |
setGroupSearchBase(String groupSearchBase)
|
void |
setPasswordAttributeName(String passwordAttributeName)
|
void |
setRoleMapper(AttributesMapper roleMapper)
|
void |
setUserDetailsMapper(UserDetailsContextMapper userDetailsMapper)
|
void |
setUsernameMapper(LdapUsernameToDnMapper usernameMapper)
|
void |
updateUser(org.springframework.security.core.userdetails.UserDetails user)
|
boolean |
userExists(String username)
|
| Methods inherited from class java.lang.Object |
|---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| Constructor Detail |
|---|
public LdapUserDetailsManager(ContextSource contextSource)
| Method Detail |
|---|
public org.springframework.security.core.userdetails.UserDetails loadUserByUsername(String username)
throws org.springframework.security.core.userdetails.UsernameNotFoundException,
DataAccessException
loadUserByUsername in interface org.springframework.security.core.userdetails.UserDetailsServiceorg.springframework.security.core.userdetails.UsernameNotFoundException
DataAccessException
public void changePassword(String oldPassword,
String newPassword)
If the old password is supplied, the update will be made by rebinding as the user, thus modifying the password
using the user's permissions. If oldPassword is null, the update will be attempted using a
standard read/write context supplied by the context source.
changePassword in interface org.springframework.security.provisioning.UserDetailsManageroldPassword - the old passwordnewPassword - the new value of the password.public void createUser(org.springframework.security.core.userdetails.UserDetails user)
createUser in interface org.springframework.security.provisioning.UserDetailsManagerpublic void updateUser(org.springframework.security.core.userdetails.UserDetails user)
updateUser in interface org.springframework.security.provisioning.UserDetailsManagerpublic void deleteUser(String username)
deleteUser in interface org.springframework.security.provisioning.UserDetailsManagerpublic boolean userExists(String username)
userExists in interface org.springframework.security.provisioning.UserDetailsManagerprotected DistinguishedName buildGroupDn(String group)
group - the name of the group
protected void copyToContext(org.springframework.security.core.userdetails.UserDetails user,
DirContextAdapter ctx)
protected void addAuthorities(DistinguishedName userDn,
Collection<org.springframework.security.core.GrantedAuthority> authorities)
protected void removeAuthorities(DistinguishedName userDn,
List<org.springframework.security.core.GrantedAuthority> authorities)
public void setUsernameMapper(LdapUsernameToDnMapper usernameMapper)
public void setPasswordAttributeName(String passwordAttributeName)
public void setGroupSearchBase(String groupSearchBase)
public void setGroupRoleAttributeName(String groupRoleAttributeName)
public void setAttributesToRetrieve(String[] attributesToRetrieve)
public void setUserDetailsMapper(UserDetailsContextMapper userDetailsMapper)
public void setGroupMemberAttributeName(String groupMemberAttributeName)
Usually this will be uniquemember (the default value) or member.
groupMemberAttributeName - the name of the attribute used to store group members.public void setRoleMapper(AttributesMapper roleMapper)
|
spring-security-ldap | ||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | ||||||||