Package org.ldaptive.auth
Class AbstractSearchEntryResolver
java.lang.Object
org.ldaptive.AbstractSearchOperationFactory
org.ldaptive.auth.AbstractSearchEntryResolver
- All Implemented Interfaces:
EntryResolver
,ConnectionFactoryManager
- Direct Known Subclasses:
AuthorizationIdentityEntryResolver
,SearchEntryResolver
,WhoAmIEntryResolver
public abstract class AbstractSearchEntryResolver
extends AbstractSearchOperationFactory
implements EntryResolver
Base implementation for search entry resolvers. Uses an object level search on the
AuthenticationCriteria.getDn()
if no userFilter
is configured. If a userFilter
is configured, then
a search is executed using that filter.-
Field Summary
FieldsModifier and TypeFieldDescriptionprivate boolean
Whether to throw an exception if multiple entries are found.private String
DN to search.private String[]
Binary attribute names.private DerefAliases
How to handle aliases.private boolean
Whether to use a subtree search when resolving DNs.private String
Filter for searching for the user.private Object[]
Filter parameters for searching for the user.Fields inherited from class org.ldaptive.AbstractSearchOperationFactory
logger
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionprotected FilterTemplate
Returns a filter template usinguserFilter
anduserFilterParameters
.protected SearchRequest
Returns a search request for the supplied authentication criteria.boolean
Returns whether entry resolution should fail if multiple entries are found.Returns the base DN.String[]
Returns names of binary attributes.Returns how to dereference aliases.boolean
Returns whether subtree searching will be used.Returns the filter used to search for the user.Object[]
Returns the filter parameters used to search for the user.protected abstract SearchResponse
performLdapSearch
(AuthenticationCriteria criteria, AuthenticationHandlerResponse response) Executes an ldap search with the supplied authentication criteria.resolve
(AuthenticationCriteria criteria, AuthenticationHandlerResponse response) Attempts to find the LDAP entry for the supplied authentication criteria and authentication handler response.void
setAllowMultipleEntries
(boolean b) Sets whether entry resolution should fail if multiple entries are found.void
Sets the base DN.void
setBinaryAttributes
(String... attrs) Sets names of binary attributes.void
Sets how to dereference aliases.void
setSubtreeSearch
(boolean b) Sets whether subtree searching will be used.void
setUserFilter
(String filter) Sets the filter used to search for the user.void
setUserFilterParameters
(Object[] filterParams) Sets the filter parameters used to search for the user.Methods inherited from class org.ldaptive.AbstractSearchOperationFactory
createSearchOperation, createSearchOperation, getConnectionFactory, getEntryHandlers, getExceptionHandler, getResultHandlers, getSearchResultHandlers, setConnectionFactory, setEntryHandlers, setExceptionHandler, setResultHandlers, setSearchResultHandlers
-
Field Details
-
baseDn
DN to search. -
userFilter
Filter for searching for the user. -
userFilterParameters
Filter parameters for searching for the user. -
allowMultipleEntries
private boolean allowMultipleEntriesWhether to throw an exception if multiple entries are found. -
subtreeSearch
private boolean subtreeSearchWhether to use a subtree search when resolving DNs. -
derefAliases
How to handle aliases. -
binaryAttributes
Binary attribute names.
-
-
Constructor Details
-
AbstractSearchEntryResolver
public AbstractSearchEntryResolver()
-
-
Method Details
-
getBaseDn
Returns the base DN.- Returns:
- base DN
-
setBaseDn
Sets the base DN.- Parameters:
dn
- base DN
-
getUserFilter
Returns the filter used to search for the user.- Returns:
- filter for searching
-
setUserFilter
Sets the filter used to search for the user.- Parameters:
filter
- for searching
-
getUserFilterParameters
Returns the filter parameters used to search for the user.- Returns:
- filter parameters
-
setUserFilterParameters
Sets the filter parameters used to search for the user.- Parameters:
filterParams
- filter parameters
-
getAllowMultipleEntries
public boolean getAllowMultipleEntries()Returns whether entry resolution should fail if multiple entries are found.- Returns:
- whether an exception will be thrown if multiple entries are found
-
setAllowMultipleEntries
public void setAllowMultipleEntries(boolean b) Sets whether entry resolution should fail if multiple entries are found. If false an exception will be thrown ifresolve(AuthenticationCriteria, AuthenticationHandlerResponse)
finds more than one entry matching it's filter. Otherwise the first entry found is returned.- Parameters:
b
- whether multiple entries are allowed
-
getSubtreeSearch
public boolean getSubtreeSearch()Returns whether subtree searching will be used.- Returns:
- whether the entry will be searched for over the entire base
-
setSubtreeSearch
public void setSubtreeSearch(boolean b) Sets whether subtree searching will be used. If true, the entry will be searched for over the entiregetBaseDn()
. Otherwise the entry will be searched for in thegetBaseDn()
context.- Parameters:
b
- whether the entry will be searched for over the entire base
-
getDerefAliases
Returns how to dereference aliases.- Returns:
- how to dereference aliases
-
setDerefAliases
Sets how to dereference aliases.- Parameters:
da
- how to dereference aliases
-
getBinaryAttributes
Returns names of binary attributes.- Returns:
- binary attribute names
-
setBinaryAttributes
Sets names of binary attributes.- Parameters:
attrs
- binary attribute names
-
performLdapSearch
protected abstract SearchResponse performLdapSearch(AuthenticationCriteria criteria, AuthenticationHandlerResponse response) throws LdapException Executes an ldap search with the supplied authentication criteria.- Parameters:
criteria
- authentication criteria associated with the userresponse
- response from the authentication event- Returns:
- search result
- Throws:
LdapException
- if an error occurs attempting the search
-
createFilterTemplate
Returns a filter template usinguserFilter
anduserFilterParameters
.User.getIdentifier()
is injected with a named parameter of 'user',User.getContext()
is injected with a named parameter of 'context', andAuthenticationCriteria.getDn()
is injected with a named parameter of 'dn'.- Parameters:
ac
- authentication criteria- Returns:
- filter template
-
createSearchRequest
Returns a search request for the supplied authentication criteria. If nouserFilter
is defined then an object level search on the authentication criteria DN is returned. Otherwise theuserFilter
,baseDn
andsubtreeSearch
are used to create the search request.- Parameters:
ac
- authentication criteria containing a DN- Returns:
- search request
-
resolve
public LdapEntry resolve(AuthenticationCriteria criteria, AuthenticationHandlerResponse response) throws LdapException Description copied from interface:EntryResolver
Attempts to find the LDAP entry for the supplied authentication criteria and authentication handler response. The connection available in the response should not be closed in this method.- Specified by:
resolve
in interfaceEntryResolver
- Parameters:
criteria
- authentication criteria used to perform the authenticationresponse
- produced by the authentication handler- Returns:
- ldap entry
- Throws:
LdapException
- if an LDAP error occurs
-