Package org.apache.jackrabbit.oak.security.authentication.ldap.impl

Class LdapProviderConfig.Identity

java.lang.Object
org.apache.jackrabbit.oak.security.authentication.ldap.impl.LdapProviderConfig.Identity
Enclosing class:
LdapProviderConfig
public class LdapProviderConfig.Identity extends Object
Defines the configuration of an identity (user or group).

  • Constructor Details

    • Identity

      public Identity()

  • Method Details

    • getBaseDN

      @NotNull public @NotNull String getBaseDN()
      Configures the base DN for searches of this kind of identity
      Returns:
      the base DN

    • setBaseDN

      @NotNull public @NotNull LdapProviderConfig.Identity setBaseDN(@NotNull @NotNull String baseDN)
      Sets the base DN for search of this kind of identity.
      Parameters:
      baseDN - the DN as string.
      Returns:
      this
      See Also:

    • getObjectClasses

      @NotNull public @NotNull String[] getObjectClasses()
      Configures the object classes of this kind of identity.
      Returns:
      an array of object classes
      See Also:

    • setObjectClasses

      @NotNull public @NotNull LdapProviderConfig.Identity setObjectClasses(@NotNull @NotNull String... objectClasses)
      Sets the object classes.
      Parameters:
      objectClasses - the object classes
      Returns:
      this
      See Also:

    • getIdAttribute

      @NotNull public @NotNull String getIdAttribute()
      Configures the attribute that is used to identify this identity by id. For users this is the attribute that holds the user id, for groups this is the attribute that holds the group name.
      Returns:
      the id attribute name
      See Also:

    • setIdAttribute

      @NotNull public @NotNull LdapProviderConfig.Identity setIdAttribute(@NotNull @NotNull String idAttribute)
      Sets the id attribute.
      Parameters:
      idAttribute - the id attribute name
      Returns:
      this
      See Also:

    • getExtraFilter

      @Nullable public @Nullable String getExtraFilter()
      Configures the extra LDAP filter that is appended to the internally computed filter when searching for identities.
      Returns:
      the extra filter

    • setExtraFilter

      @NotNull public @NotNull LdapProviderConfig.Identity setExtraFilter(@Nullable @Nullable String extraFilter)
      Sets the extra search filter.
      Parameters:
      extraFilter - the filter
      Returns:
      this
      See Also:

    • makeDnPath

      public boolean makeDnPath()
      Configures if the identities DN should be used to generate a portion of the authorizables intermediate path.
      Returns:
      true if the DN is used a intermediate path.

    • setMakeDnPath

      @NotNull public @NotNull LdapProviderConfig.Identity setMakeDnPath(boolean makeDnPath)
      Sets the intermediate path flag.
      Parameters:
      makeDnPath - true to use the DN as intermediate path
      Returns:
      this
      See Also:

    • getSearchFilter

      @NotNull public @NotNull String getSearchFilter(@NotNull @NotNull String id)
      Returns the LDAP filter that is used when searching this type of identity. The filter is based on the configuration and has the following format: 
      
     (&(${idAttr}=${id})(objectclass=${objectclass})${extraFilter})
      Note that the objectclass part is repeated according to the specified objectclasses in getObjectClasses().
      Parameters:
      id - the id value
      Returns:
      the search filter

    • toString

      public String toString()
      Overrides:
      toString in class Object