Package org.ldaptive.auth

Class AbstractSearchEntryResolver

java.lang.Object

org.ldaptive.AbstractSearchOperationFactory

org.ldaptive.auth.AbstractSearchEntryResolver

All Implemented Interfaces:

EntryResolver, ConnectionFactoryManager

Direct Known Subclasses:

AuthorizationIdentityEntryResolver, SearchEntryResolver, WhoAmIEntryResolver

public abstract class AbstractSearchEntryResolver
extends AbstractSearchOperationFactory
implements EntryResolver

Base implementation for search entry resolvers. Uses an object level search on the AuthenticationCriteria.getDn() if no userFilter is configured. If a userFilter is configured, then a search is executed using that filter.

Author:

Middleware Services

Field Summary

Fields inherited from class org.ldaptive.AbstractSearchOperationFactory

logger

Constructor Summary

Constructors

Constructor	Description
AbstractSearchEntryResolver()

Method Summary

Modifier and Type	Method	Description
protected FilterTemplate	createFilterTemplate(AuthenticationCriteria ac)	Returns a filter template using userFilter and userFilterParameters.
protected SearchRequest	createSearchRequest(AuthenticationCriteria ac)	Returns a search request for the supplied authentication criteria.
boolean	getAllowMultipleEntries()	Returns whether entry resolution should fail if multiple entries are found.
java.lang.String	getBaseDn()	Returns the base DN.
java.lang.String[]	getBinaryAttributes()	Returns names of binary attributes.
DerefAliases	getDerefAliases()	Returns how to dereference aliases.
boolean	getSubtreeSearch()	Returns whether subtree searching will be used.
java.lang.String	getUserFilter()	Returns the filter used to search for the user.
java.lang.Object[]	getUserFilterParameters()	Returns the filter parameters used to search for the user.
protected abstract SearchResponse	performLdapSearch(AuthenticationCriteria criteria, AuthenticationHandlerResponse response)	Executes an ldap search with the supplied authentication criteria.
LdapEntry	resolve(AuthenticationCriteria criteria, AuthenticationHandlerResponse response)	Attempts to find the LDAP entry for the supplied authentication criteria and authentication handler response.
void	setAllowMultipleEntries(boolean b)	Sets whether entry resolution should fail if multiple entries are found.
void	setBaseDn(java.lang.String dn)	Sets the base DN.
void	setBinaryAttributes(java.lang.String... attrs)	Sets names of binary attributes.
void	setDerefAliases(DerefAliases da)	Sets how to dereference aliases.
void	setSubtreeSearch(boolean b)	Sets whether subtree searching will be used.
void	setUserFilter(java.lang.String filter)	Sets the filter used to search for the user.
void	setUserFilterParameters(java.lang.Object[] filterParams)	Sets the filter parameters used to search for the user.

Methods inherited from class org.ldaptive.AbstractSearchOperationFactory

createSearchOperation, createSearchOperation, getConnectionFactory, getEntryHandlers, getExceptionHandler, getResultHandlers, getSearchResultHandlers, setConnectionFactory, setEntryHandlers, setExceptionHandler, setResultHandlers, setSearchResultHandlers

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

AbstractSearchEntryResolver

public AbstractSearchEntryResolver()

Method Detail

getBaseDn

public java.lang.String getBaseDn()

Returns the base DN.

Returns:

base DN

setBaseDn

public void setBaseDn(java.lang.String dn)

Sets the base DN.

Parameters:

dn - base DN

getUserFilter

public java.lang.String getUserFilter()

Returns the filter used to search for the user.

Returns:

filter for searching

setUserFilter

public void setUserFilter(java.lang.String filter)

Sets the filter used to search for the user.

Parameters:

filter - for searching

getUserFilterParameters

public java.lang.Object[] getUserFilterParameters()

Returns the filter parameters used to search for the user.

Returns:

filter parameters

setUserFilterParameters

public void setUserFilterParameters(java.lang.Object[] filterParams)

Sets the filter parameters used to search for the user.

Parameters:

filterParams - filter parameters

getAllowMultipleEntries

public boolean getAllowMultipleEntries()

Returns whether entry resolution should fail if multiple entries are found.

Returns:

whether an exception will be thrown if multiple entries are found

setAllowMultipleEntries

public void setAllowMultipleEntries(boolean b)

Sets whether entry resolution should fail if multiple entries are found. If false an exception will be thrown if resolve(AuthenticationCriteria, AuthenticationHandlerResponse) finds more than one entry matching it's filter. Otherwise the first entry found is returned.

Parameters:

b - whether multiple entries are allowed

getSubtreeSearch

public boolean getSubtreeSearch()

Returns whether subtree searching will be used.

Returns:

whether the entry will be searched for over the entire base

setSubtreeSearch

public void setSubtreeSearch(boolean b)

Sets whether subtree searching will be used. If true, the entry will be searched for over the entire getBaseDn(). Otherwise the entry will be searched for in the getBaseDn() context.

Parameters:

b - whether the entry will be searched for over the entire base

getDerefAliases

public DerefAliases getDerefAliases()

Returns how to dereference aliases.

Returns:

how to dereference aliases

setDerefAliases

public void setDerefAliases(DerefAliases da)

Sets how to dereference aliases.

Parameters:

da - how to dereference aliases

getBinaryAttributes

public java.lang.String[] getBinaryAttributes()

Returns names of binary attributes.

Returns:

binary attribute names

setBinaryAttributes

public void setBinaryAttributes(java.lang.String... attrs)

Sets names of binary attributes.

Parameters:

attrs - binary attribute names

performLdapSearch

protected abstract SearchResponse performLdapSearch(AuthenticationCriteria criteria,
                                                    AuthenticationHandlerResponse response)
                                             throws LdapException

Executes an ldap search with the supplied authentication criteria.

Parameters:

criteria - authentication criteria associated with the user

response - response from the authentication event

Returns:

search result

Throws:

LdapException - if an error occurs attempting the search

createFilterTemplate

protected FilterTemplate createFilterTemplate(AuthenticationCriteria ac)

Returns a filter template using userFilter and userFilterParameters. User.getIdentifier() is injected with a named parameter of 'user', User.getContext() is injected with a named parameter of 'context', and AuthenticationCriteria.getDn() is injected with a named parameter of 'dn'.

Parameters:

ac - authentication criteria

Returns:

filter template

createSearchRequest

protected SearchRequest createSearchRequest(AuthenticationCriteria ac)

Returns a search request for the supplied authentication criteria. If no userFilter is defined then an object level search on the authentication criteria DN is returned. Otherwise the userFilter, baseDn and subtreeSearch are used to create the search request.

Parameters:

ac - authentication criteria containing a DN

Returns:

search request

resolve

public LdapEntry resolve(AuthenticationCriteria criteria,
                         AuthenticationHandlerResponse response)
                  throws LdapException

Description copied from interface: EntryResolver

Attempts to find the LDAP entry for the supplied authentication criteria and authentication handler response. The connection available in the response should not be closed in this method.

Specified by:

resolve in interface EntryResolver

Parameters:

criteria - authentication criteria used to perform the authentication

response - produced by the authentication handler

Returns:

ldap entry

Throws:

LdapException - if an LDAP error occurs