Package org.apache.jackrabbit.oak.security.authentication.ldap.impl

Class LdapProviderConfig.Identity

  • Enclosing class:
    LdapProviderConfig
    public class LdapProviderConfig.Identity
extends Object
    Defines the configuration of an identity (user or group).

    • Constructor Detail

      • Identity

        public Identity()

    • Method Detail

      • getBaseDN

        @NotNull
public @NotNull String getBaseDN()
        Configures the base DN for searches of this kind of identity
        Returns:
        the base DN

      • setBaseDN

        @NotNull
public @NotNull LdapProviderConfig.Identity setBaseDN​(@NotNull
                                                      @NotNull String baseDN)
        Sets the base DN for search of this kind of identity.
        Parameters:
        baseDN - the DN as string.
        Returns:
        this
        See Also:
        getBaseDN()

      • getIdAttribute

        @NotNull
public @NotNull String getIdAttribute()
        Configures the attribute that is used to identify this identity by id. For users this is the attribute that holds the user id, for groups this is the attribute that holds the group name.
        Returns:
        the id attribute name
        See Also:
        for more detail about searching and filtering

      • getExtraFilter

        @Nullable
public @Nullable String getExtraFilter()
        Configures the extra LDAP filter that is appended to the internally computed filter when searching for identities.
        Returns:
        the extra filter

      • makeDnPath

        public boolean makeDnPath()
        Configures if the identities DN should be used to generate a portion of the authorizables intermediate path.
        Returns:
        true if the DN is used a intermediate path.

      • setMakeDnPath

        @NotNull
public @NotNull LdapProviderConfig.Identity setMakeDnPath​(boolean makeDnPath)
        Sets the intermediate path flag.
        Parameters:
        makeDnPath - true to use the DN as intermediate path
        Returns:
        this
        See Also:
        makeDnPath()

      • getSearchFilter

        @NotNull
public @NotNull String getSearchFilter​(@NotNull
                                       @NotNull String id)
        Returns the LDAP filter that is used when searching this type of identity. The filter is based on the configuration and has the following format: 
        
     (&(${idAttr}=${id})(objectclass=${objectclass})${extraFilter})
        Note that the objectclass part is repeated according to the specified objectclasses in getObjectClasses().
        Parameters:
        id - the id value
        Returns:
        the search filter