Package edu.vt.middleware.ldap.auth

Class Authenticator

  • All Implemented Interfaces:
    java.io.Serializable
    Direct Known Subclasses:
    JaasAuthenticator
    public class Authenticator
extends AbstractAuthenticator<AuthenticatorConfig>
implements java.io.Serializable
    Authenticator contains functions for authenticating a user against an LDAP.
    Version:
    $Revision: 1330 $ $Date: 2010-05-24 00:10:53 +0200 (Mon, 24 May 2010) $
    Author:
    Middleware Services
    See Also:
    Serialized Form

    • Constructor Detail

      • Authenticator

        public Authenticator()
        Default constructor.

      • Authenticator

        public Authenticator​(AuthenticatorConfig authConfig)
        This will create a new Authenticator with the supplied AuthenticatorConfig.
        Parameters:
        authConfig - AuthenticatorConfig

    • Method Detail

      • getAuthenticatorConfig

        public AuthenticatorConfig getAuthenticatorConfig()
        This returns the AuthenticatorConfig of the Authenticator.
        Returns:
        AuthenticatorConfig

      • loadFromProperties

        public void loadFromProperties()
        This will set the config parameters of this Authenticator using the default properties file, which must be located in your classpath.

      • loadFromProperties

        public void loadFromProperties​(java.io.InputStream is)
        This will set the config parameters of this Authenticator using the supplied input stream.
        Parameters:
        is - InputStream

      • getDn

        public java.lang.String getDn​(java.lang.String user)
                       throws javax.naming.NamingException
        This will attempt to find the LDAP DN for the supplied user. AuthenticatorConfig.dnResolver is invoked to perform this operation.
        Parameters:
        user - String to find dn for
        Returns:
        String - user's dn
        Throws:
        javax.naming.NamingException - an LDAP error occurs

      • authenticate

        public boolean authenticate​(java.lang.String user,
                            java.lang.Object credential)
                     throws javax.naming.NamingException
        This will authenticate by binding to the LDAP with the supplied user and credential. If AuthenticatorConfig.setAuthorizationFilter(java.lang.String) has been called, then it will be used to authorize the user by performing an ldap compare. See authenticate(String, Object, SearchFilter).
        Parameters:
        user - String username for bind
        credential - Object credential for bind
        Returns:
        boolean - whether the bind succeeded
        Throws:
        javax.naming.NamingException - if the authentication fails for any other reason than invalid credentials

      • authenticate

        public boolean authenticate​(java.lang.String user,
                            java.lang.Object credential,
                            SearchFilter filter)
                     throws javax.naming.NamingException
        This will authenticate by binding to the LDAP with the supplied user and credential. If the supplied filter is not null it will be injected into a new instance of CompareAuthorizationHandler and set as the first AuthorizationHandler to execute. If AuthenticatorConfig.setAuthenticationResultHandlers( AuthenticationResultHandler[]) has been called, then it will be used to post process authentication results. See authenticate(String, Object, AuthenticationResultHandler[], AuthorizationHandler[]).
        Parameters:
        user - String username for bind
        credential - Object credential for bind
        filter - SearchFilter to authorize user
        Returns:
        boolean - whether the bind succeeded
        Throws:
        javax.naming.NamingException - if the authentication fails for any other reason than invalid credentials

      • authenticate

        public javax.naming.directory.Attributes authenticate​(java.lang.String user,
                                                      java.lang.Object credential,
                                                      java.lang.String[] retAttrs)
                                               throws javax.naming.NamingException
        This will authenticate by binding to the LDAP with the supplied user and credential. If AuthenticatorConfig.setAuthorizationFilter(java.lang.String) has been called, then it will be used to authorize the user by performing an ldap compare. See authenticate(String, Object, SearchFilter, String[])
        Parameters:
        user - String username for bind
        credential - Object credential for bind
        retAttrs - String[] to return
        Returns:
        Attributes - of authenticated user
        Throws:
        javax.naming.NamingException - if any of the ldap operations fail

      • authenticate

        public javax.naming.directory.Attributes authenticate​(java.lang.String user,
                                                      java.lang.Object credential,
                                                      SearchFilter filter,
                                                      java.lang.String[] retAttrs)
                                               throws javax.naming.NamingException
        This will authenticate by binding to the LDAP with the supplied user and credential. If the supplied filter is not null it will be injected into a new instance of CompareAuthorizationHandler and set as the first AuthorizationHandler to execute. See authenticate(String, Object, String[], AuthenticationResultHandler[], AuthorizationHandler[]).
        Parameters:
        user - String username for bind
        credential - Object credential for bind
        filter - SearchFilter to authorize user
        retAttrs - String[] to return
        Returns:
        Attributes - of authenticated user
        Throws:
        javax.naming.NamingException - if any of the ldap operations fail