Class LdapIdentityProvider
- java.lang.Object
-
- org.apache.jackrabbit.oak.security.authentication.ldap.impl.LdapIdentityProvider
-
- All Implemented Interfaces:
ExternalIdentityProvider
,PrincipalNameResolver
public class LdapIdentityProvider extends Object implements ExternalIdentityProvider, PrincipalNameResolver
LdapIdentityProvider
implements an external identity provider that reads users and groups from an ldap source. Please refer toLdapProviderConfig
for configuration options.
-
-
Constructor Summary
Constructors Constructor Description LdapIdentityProvider()
Default constructor for OSGiLdapIdentityProvider(@NotNull LdapProviderConfig config)
Constructor for non-OSGi cases.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description ExternalUser
authenticate(@NotNull Credentials credentials)
Authenticates the user represented by the given credentials and returns it.void
close()
Closes this provider and releases the internal pool.@NotNull String
fromExternalIdentityRef(@NotNull ExternalIdentityRef externalIdentityRef)
Deduce the name of thePrincipal
associated with theExternalIdentity
represented by the givenExternalIdentityRef
.ExternalGroup
getGroup(@NotNull String name)
Returns the group for the given (local) group name.ExternalIdentity
getIdentity(@NotNull ExternalIdentityRef ref)
Returns the identity for the given reference ornull
if it does not exist.@NotNull String
getName()
Returns the name of this provider.ExternalUser
getUser(@NotNull String userId)
Returns the user for the given (local) id.@NotNull Iterator<ExternalGroup>
listGroups()
List all external groups.@NotNull Iterator<ExternalUser>
listUsers()
List all external users.
-
-
-
Constructor Detail
-
LdapIdentityProvider
public LdapIdentityProvider()
Default constructor for OSGi
-
LdapIdentityProvider
public LdapIdentityProvider(@NotNull @NotNull LdapProviderConfig config)
Constructor for non-OSGi cases.- Parameters:
config
- the configuration
-
-
Method Detail
-
close
public void close()
Closes this provider and releases the internal pool. This should be called by Non-OSGi users of this provider.
-
fromExternalIdentityRef
@NotNull public @NotNull String fromExternalIdentityRef(@NotNull @NotNull ExternalIdentityRef externalIdentityRef) throws ExternalIdentityException
Description copied from interface:PrincipalNameResolver
Deduce the name of thePrincipal
associated with theExternalIdentity
represented by the givenExternalIdentityRef
.- Specified by:
fromExternalIdentityRef
in interfacePrincipalNameResolver
- Parameters:
externalIdentityRef
- A validExternalIdentityRef
to an existingExternalIdentity
- Returns:
- The name of the
Principal
associated with the external identity referenced by the givenexternalIdentityRef
. - Throws:
ExternalIdentityException
- If the reference is not valid or another error occurs.
-
getName
@NotNull public @NotNull String getName()
Description copied from interface:ExternalIdentityProvider
Returns the name of this provider.- Specified by:
getName
in interfaceExternalIdentityProvider
- Returns:
- the provider name.
-
getIdentity
public ExternalIdentity getIdentity(@NotNull @NotNull ExternalIdentityRef ref) throws ExternalIdentityException
Description copied from interface:ExternalIdentityProvider
Returns the identity for the given reference ornull
if it does not exist. The provider should check if theprovider name
matches his own name or isnull
and should not return a foreign identity.- Specified by:
getIdentity
in interfaceExternalIdentityProvider
- Parameters:
ref
- the reference- Returns:
- an identity or
null
- Throws:
ExternalIdentityException
- if an error occurs.
-
getUser
public ExternalUser getUser(@NotNull @NotNull String userId) throws ExternalIdentityException
Description copied from interface:ExternalIdentityProvider
Returns the user for the given (local) id. if the user does not existnull
is returned.- Specified by:
getUser
in interfaceExternalIdentityProvider
- Parameters:
userId
- the user id.- Returns:
- the user or
null
- Throws:
ExternalIdentityException
- if an error occurs.
-
getGroup
public ExternalGroup getGroup(@NotNull @NotNull String name) throws ExternalIdentityException
Description copied from interface:ExternalIdentityProvider
Returns the group for the given (local) group name. if the group does not existnull
is returned.- Specified by:
getGroup
in interfaceExternalIdentityProvider
- Parameters:
name
- the group name- Returns:
- the group or
null
- Throws:
ExternalIdentityException
- if an error occurs.
-
listUsers
@NotNull public @NotNull Iterator<ExternalUser> listUsers() throws ExternalIdentityException
Description copied from interface:ExternalIdentityProvider
List all external users.- Specified by:
listUsers
in interfaceExternalIdentityProvider
- Returns:
- an iterator over all external users
- Throws:
ExternalIdentityException
- if an error occurs.
-
listGroups
@NotNull public @NotNull Iterator<ExternalGroup> listGroups() throws ExternalIdentityException
Description copied from interface:ExternalIdentityProvider
List all external groups.- Specified by:
listGroups
in interfaceExternalIdentityProvider
- Returns:
- an iterator over all external groups
- Throws:
ExternalIdentityException
- if an error occurs.
-
authenticate
public ExternalUser authenticate(@NotNull @NotNull Credentials credentials) throws ExternalIdentityException, LoginException
Description copied from interface:ExternalIdentityProvider
Authenticates the user represented by the given credentials and returns it. If the user does not exist in this provider,null
is returned. If the authentication fails, a LoginException is thrown.- Specified by:
authenticate
in interfaceExternalIdentityProvider
- Parameters:
credentials
- the credentials- Returns:
- the user or
null
- Throws:
ExternalIdentityException
- if an error occursLoginException
- if the user could not be authenticated
-
-