Class LdapUserDetailsAuthenticationProvider

java.lang.Object
org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
com.avoka.fc.core.security.LdapUserDetailsAuthenticationProvider
All Implemented Interfaces:
IPortalAware, IUserQuery, org.springframework.beans.factory.Aware, org.springframework.beans.factory.InitializingBean, org.springframework.context.MessageSourceAware, org.springframework.security.authentication.AuthenticationProvider

public class LdapUserDetailsAuthenticationProvider extends org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider implements IUserQuery, IPortalAware
Provides a configurable LDAP Local UserDetails Authentication Provider.
Since:
3.5.0
  • Field Details

    • LDAP_SEARCH_BASE_PARAM

      public static final String LDAP_SEARCH_BASE_PARAM
      The name of the LDAP search base property
  • Constructor Details

    • LdapUserDetailsAuthenticationProvider

      public LdapUserDetailsAuthenticationProvider()
      Create an LdapUserDetailsAuthenticationProvider and initialize the default properties.
  • Method Details

    • authenticateLdapUser

      public Map<String,Object> authenticateLdapUser(String username, String password) throws org.springframework.security.authentication.BadCredentialsException, org.springframework.security.authentication.AuthenticationServiceException
      Authenticate the given user name and password against the LDAP server and return the user's LDAP attributes.
      Parameters:
      username - the user login user name
      password - the user login password
      Returns:
      a map of LDAP user attributes
      Throws:
      org.springframework.security.authentication.BadCredentialsException - if the user could not be authenticated
      org.springframework.security.authentication.AuthenticationServiceException - if there is an error calling the LDAP server
    • loadLdapUserAttributes

      public Map<String,Object> loadLdapUserAttributes(String username, boolean allAttributes) throws org.springframework.security.authentication.BadCredentialsException, org.springframework.security.authentication.AuthenticationServiceException
      Get the LDAP user attributes for the specified user. This LDAP server call will use the server login user name.
      Parameters:
      username - the user login user name
      allAttributes - specify whether to return all the user attributes, not just those configured with the provider
      Returns:
      a map of LDAP user attributes if the user is found, or an empty map if the user is not found
      Throws:
      org.springframework.security.authentication.BadCredentialsException - if the LDAP server user could not be authenticated
      org.springframework.security.authentication.AuthenticationServiceException - if there is an error calling the LDAP server
    • createUserProfileMap

      public Map<String,String> createUserProfileMap(Map<String,Object> attributes)
      Create a user profile map from the given LDAP user attributes and the defined ldapAttributesProfileMapping.
      Parameters:
      attributes - the LDAP user attributes
      Returns:
      the user profile map created from the given LDAP user attributes and the defined ldapAttributesProfileMapping
    • doesUserExist

      public boolean doesUserExist(String userId)
      Return true if the user exists with the given authentication provider.
      Specified by:
      doesUserExist in interface IUserQuery
      Parameters:
      userId - the unique user identifier (required)
      Returns:
      true if the user exists with the given authentication provider
    • setName

      public void setName(String name)
      Set the name of the Authentication Provider.
      Parameters:
      name - the new name of the Authentication Provider
    • getName

      public String getName()
      Return the name of the Authentication Provider.
      Returns:
      the name of the Authentication Provider
    • setPortal

      public void setPortal(Portal portal)
      Set the object portal.
      Specified by:
      setPortal in interface IPortalAware
      Parameters:
      portal - the portal
    • getLdapServerUrl

      public String getLdapServerUrl()
      Return the URL of the LDAP server, if configured.
      Returns:
      the LDAP server URL
    • setLdapServerUrl

      public void setLdapServerUrl(String serverUrl)
      Set the URL of the LDAP server.
      Parameters:
      serverUrl - the LDAP server URL
    • getLdapServerUser

      public String getLdapServerUser()
      Return the user name used to access the LDAP server, if configured.
      Returns:
      the LDAP server user name
    • setLdapServerUser

      public void setLdapServerUser(String newUser)
      Set the user name used to access the LDAP server.
      Parameters:
      newUser - the LDAP server user name
    • getLdapServerPassword

      public String getLdapServerPassword()
      Return the password used to access the LDAP server, if configured.
      Returns:
      the LDAP server password
    • setLdapServerPassword

      public void setLdapServerPassword(String newPassword)
      Set the password used to access the LDAP server.
      Parameters:
      newPassword - the LDAP server password
    • getLdapSearchBase

      public String getLdapSearchBase()
      Return the search base on the LDAP server where SmartForm Manager user data is stored, if configured.
      Returns:
      the LDAP server search base
    • setLdapSearchBase

      public void setLdapSearchBase(String newSearchBase)
      Set the search base on the LDAP server where SmartForm Manager user data is stored.
      Parameters:
      newSearchBase - the LDAP server search base
    • getLdapSearchFilter

      public String getLdapSearchFilter()
      Return the search filter on the LDAP server that is used to locate a user record, if configured.
      Returns:
      the LDAP server search filter
    • setLdapSearchFilter

      public void setLdapSearchFilter(String newSearchFilter)
      Set the search filter on the LDAP server that is used to locate a user record.
      Parameters:
      newSearchFilter - the LDAP server search filter
    • getLdapSearchSubTree

      public boolean getLdapSearchSubTree()
      Return true if the LDAP search scope is subtree, or false if it is single level.
      Returns:
      true if the LDAP search scope is subtree, or false if it is single level
    • setLdapSearchSubTree

      public void setLdapSearchSubTree(boolean subTree)
      Set whether the LDAP search scope is subtree or single level.
      Parameters:
      subTree - true if the LDAP search scope is subtree, or false if it is single level
    • getLdapAttributeUserName

      public String getLdapAttributeUserName()
      Return the attribute containing the user name on the LDAP server, if configured.
      Returns:
      the LDAP server user name attribute
    • setLdapAttributeUserName

      public void setLdapAttributeUserName(String newUserNameAttribute)
      Set the attribute containing the user name on the LDAP server.
      Parameters:
      newUserNameAttribute - the LDAP server user name attribute
    • getLdapAttributeEmail

      public String getLdapAttributeEmail()
      Return the attribute containing a user's email address on the LDAP server, if configured.
      Returns:
      the LDAP server email attribute
    • setLdapAttributeEmail

      public void setLdapAttributeEmail(String newEmailAttribute)
      Set the attribute containing a user's email address on the LDAP server.
      Parameters:
      newEmailAttribute - the LDAP server email attribute
    • getLdapAttributeFirstName

      public String getLdapAttributeFirstName()
      Return the attribute containing a user's first name on the LDAP server, if configured.
      Returns:
      the LDAP server first name attribute
    • setLdapAttributeFirstName

      public void setLdapAttributeFirstName(String newFirstNameAttribute)
      Set the attribute containing a user's first name on the LDAP server.
      Parameters:
      newFirstNameAttribute - the LDAP server first name attribute
    • getLdapAttributeLastName

      public String getLdapAttributeLastName()
      Return the attribute containing a user's last name on the LDAP server, if configured.
      Returns:
      the LDAP server last name attribute
    • setLdapAttributeLastName

      public void setLdapAttributeLastName(String newLastNameAttribute)
      Set the attribute containing a user's last name on the LDAP server.
      Parameters:
      newLastNameAttribute - the LDAP server last name attribute
    • getLdapAttributeGroups

      public String getLdapAttributeGroups()
      Return the attribute containing a user's groups on the LDAP server, if configured.
      Returns:
      the LDAP server groups attribute
    • setLdapAttributeGroups

      public void setLdapAttributeGroups(String newGroupsAttribute)
      Set the attribute containing a user's groups on the LDAP server.
      Parameters:
      newGroupsAttribute - the LDAP server groups attribute
      See Also:
      • SecurityService#setLdapAttributeGroups(String)
    • getLdapAttributeMobile

      public String getLdapAttributeMobile()
      Return the attribute containing a user's mobile number on the LDAP server, if configured.
      Returns:
      the LDAP user's mobile number attribute
    • setLdapAttributeMobile

      public void setLdapAttributeMobile(String mobileAttribute)
      Set the attribute containing a user's mobile number on the LDAP server.
      Parameters:
      mobileAttribute - the LDAP mobile number attribute
    • getLdapAttributeDistinguishedName

      public String getLdapAttributeDistinguishedName()
      Return the attribute containing a user's distinguished name on the LDAP server.
      Returns:
      the attribute containing a user's distinguished name on the LDAP server
    • setLdapAttributeDistinguishedName

      public void setLdapAttributeDistinguishedName(String distinguishedNameAttribute)
      Set the attribute containing a user's distinguished name on the LDAP server.
      Parameters:
      distinguishedNameAttribute - the distinguished name attribute
    • getLdapAttributesProfileMapping

      public String getLdapAttributesProfileMapping()
      Return the LDAP attributes to User Profile mapping.
      Returns:
      the LDAP attributes to User Profile mapping
    • setLdapAttributesProfileMapping

      public void setLdapAttributesProfileMapping(String attributesProfileMapping)
      Set the LDAP attributes to User Profile mapping.
      Parameters:
      attributesProfileMapping - the LDAP attributes to User Profile mapping
    • getLdapUserDnTemplate

      public String getLdapUserDnTemplate()
      Return the LDAP User Distinguished Name (DN) Template for user authentication.
      Returns:
      the LDAP User Distinguished Name (DN) template for user authentication
    • setLdapUserDnTemplate

      public void setLdapUserDnTemplate(String userDnTemplate)
      Set the LDAP User Distinguished Name (DN) Template for user authentication.
      Parameters:
      userDnTemplate - the LDAP User Distinguished Name (DN) template for user authentication
    • retrieveUser

      protected org.springframework.security.core.userdetails.UserDetails retrieveUser(String username, org.springframework.security.authentication.UsernamePasswordAuthenticationToken authentication) throws org.springframework.security.core.AuthenticationException
      Specified by:
      retrieveUser in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
      Throws:
      org.springframework.security.core.AuthenticationException
      See Also:
      • AbstractUserDetailsAuthenticationProvider.retrieveUser(String, UsernamePasswordAuthenticationToken)
    • additionalAuthenticationChecks

      protected void additionalAuthenticationChecks(org.springframework.security.core.userdetails.UserDetails userDetails, org.springframework.security.authentication.UsernamePasswordAuthenticationToken authentication) throws org.springframework.security.core.AuthenticationException
      This method does nothing.
      Specified by:
      additionalAuthenticationChecks in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
      Throws:
      org.springframework.security.core.AuthenticationException
      See Also:
      • AbstractUserDetailsAuthenticationProvider#additionalAuthenticationChecks(String, UsernamePasswordAuthenticationToken)