Package org.ldaptive.auth
Class Authenticator
java.lang.Object
org.ldaptive.auth.Authenticator
Provides functionality to authenticate users against an ldap directory.
-
Nested Class Summary
Nested Classes
-
Field Summary
Fields
Modifier and Type | Field | Description
private AuthenticationHandler | authenticationHandler | Handler to handle authentication.
private DnResolver | dnResolver | For finding user DNs.
private EntryResolver | entryResolver | For finding user entries.
protected final org.slf4j.Logger | logger | Logger for this class.
private static final EntryResolver | NOOP_RESOLVER | NoOp entry resolver.
private AuthenticationRequestHandler[] | requestHandlers | Handlers to handle authentication requests.
private boolean | resolveEntryOnFailure | Whether to execute the entry resolver on authentication failure.
private AuthenticationResponseHandler[] | responseHandlers | Handlers to handle authentication responses.
private String[] | returnAttributes | User attributes to return.
-
Constructor Summary
Constructors
Constructor | Description
Authenticator() | Default constructor.
Authenticator(DnResolver resolver, AuthenticationHandler handler) | Creates a new authenticator.
-
Method Summary
Modifier and Type | Method | Description
protected AuthenticationResponse | authenticate(String dn, AuthenticationRequest request) | Validates input and performs authentication using an AuthenticationHandler.
AuthenticationResponse | authenticate(AuthenticationRequest request) | Authenticate the user in the supplied request.
static Authenticator.Builder | builder() | Creates a builder for this class.
void | close() | Attempts to close any connection factories associated with this authenticator.
private void | closeConnectionFactoryManagers(ConnectionFactoryManager... managers) | Attempts to close all the connection factories in the supplied collection.
AuthenticationHandler | getAuthenticationHandler() | Returns the authentication handler.
DnResolver | getDnResolver() | Returns the DN resolver.
EntryResolver | getEntryResolver() | Returns the entry resolver.
AuthenticationRequestHandler[] | getRequestHandlers() | Returns the authentication request handlers.
boolean | getResolveEntryOnFailure() | Returns whether to execute the entry resolver on authentication failure.
AuthenticationResponseHandler[] | getResponseHandlers() | Returns the authentication response handlers.
String[] | getReturnAttributes() | Returns the return attributes.
protected AuthenticationRequest | processRequest(String dn, AuthenticationRequest request) | Creates a new authentication request applying any applicable configuration on this authenticator.
String | resolveDn(User user) | This will attempt to find the DN for the supplied user.
protected LdapEntry | resolveEntry(AuthenticationCriteria criteria, AuthenticationHandlerResponse response) | Attempts to find the ldap entry for the supplied DN.
void | setAuthenticationHandler(AuthenticationHandler handler) | Sets the authentication handler.
void | setDnResolver(DnResolver resolver) | Sets the DN resolver.
void | setEntryResolver(EntryResolver resolver) | Sets the entry resolver.
void | setRequestHandlers(AuthenticationRequestHandler... handlers) | Sets the authentication request handlers.
void | setResolveEntryOnFailure(boolean b) | Sets whether to execute the entry resolver on authentication failure.
void | setResponseHandlers(AuthenticationResponseHandler... handlers) | Sets the authentication response handlers.
void | setReturnAttributes(String... attrs) | Sets the return attributes.
String | toString() |
protected AuthenticationResponse | validateInput(String dn, AuthenticationRequest request) | Validates the authentication request and resolved DN.
-
Field Details
-
NOOP_RESOLVER
NoOp entry resolver.
-
logger
protected final org.slf4j.Logger logger
Logger for this class.
-
dnResolver
For finding user DNs.
-
authenticationHandler
Handler to handle authentication.
-
entryResolver
For finding user entries.
-
returnAttributes
User attributes to return. Concatenated to AuthenticationRequest.getReturnAttributes().
-
requestHandlers
Handlers to handle authentication requests.
-
responseHandlers
Handlers to handle authentication responses.
-
resolveEntryOnFailure
private boolean resolveEntryOnFailure
Whether to execute the entry resolver on authentication failure.
-
Constructor Details
-
Authenticator
public Authenticator()
Default constructor.
-
Authenticator
Creates a new authenticator.
Parameters:
resolver - dn resolver
handler - authentication handler
-
Method Details
-
getDnResolver
Returns the DN resolver.
Returns:
DN resolver
-
setDnResolver
Sets the DN resolver.
Parameters:
resolver - for finding DNs
-
getAuthenticationHandler
Returns the authentication handler.
Returns:
authentication handler
-
setAuthenticationHandler
Sets the authentication handler.
Parameters:
handler - for performing authentication
-
getEntryResolver
Returns the entry resolver.
Returns:
entry resolver
-
setEntryResolver
Sets the entry resolver.
Parameters:
resolver - for finding entries
-
getResolveEntryOnFailure
public boolean getResolveEntryOnFailure()
Returns whether to execute the entry resolver on authentication failure.
Returns:
whether to execute the entry resolver on authentication failure
-
setResolveEntryOnFailure
public void setResolveEntryOnFailure(boolean b)
Sets whether to execute the entry resolver on authentication failure.
Parameters:
b - whether to execute the entry resolver
-
getReturnAttributes
Returns the return attributes.
Returns:
attributes to return
-
setReturnAttributes
Sets the return attributes.
Parameters:
attrs - return attributes
-
getRequestHandlers
Returns the authentication request handlers.
Returns:
authentication request handlers
-
setRequestHandlers
Sets the authentication request handlers.
Parameters:
handlers - authentication request handlers
-
getResponseHandlers
Returns the authentication response handlers.
Returns:
authentication response handlers
-
setResponseHandlers
Sets the authentication response handlers.
Parameters:
handlers - authentication response handlers
-
resolveDn
This will attempt to find the DN for the supplied user. DnResolver.resolve(User) is invoked to perform this operation.
Parameters:
user - to find DN for
Returns:
user DN
Throws:
LdapException - if an LDAP error occurs during resolution
-
authenticate
Authenticate the user in the supplied request.
Parameters:
request - authentication request
Returns:
response containing the ldap entry of the user authenticated
Throws:
LdapException - if an LDAP error occurs
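Typical use of this class from calling code, as an added example that is not part of the ldaptive Javadoc: build the authenticator once, treat every non-success response as a failed login, and call close() at shutdown. The DirectoryLogin class, the URL and base DN parameters and the uid filter are assumptions; SearchDnResolver and SimpleBindAuthenticationHandler are ldaptive components not described on this page.

```java
import java.util.Optional;
import org.ldaptive.Credential;
import org.ldaptive.DefaultConnectionFactory;
import org.ldaptive.LdapEntry;
import org.ldaptive.LdapException;
import org.ldaptive.auth.AuthenticationRequest;
import org.ldaptive.auth.AuthenticationResponse;
import org.ldaptive.auth.Authenticator;
import org.ldaptive.auth.SearchDnResolver;
import org.ldaptive.auth.SimpleBindAuthenticationHandler;

/** Hypothetical wrapper: one long-lived Authenticator, closed on shutdown. */
public final class DirectoryLogin implements AutoCloseable {

  private final Authenticator authenticator;

  /** ldapUrl, baseDn and the uid filter are assumed deployment values. */
  public DirectoryLogin(String ldapUrl, String baseDn) {
    SearchDnResolver dnResolver = SearchDnResolver.builder()
      .factory(new DefaultConnectionFactory(ldapUrl))
      .dn(baseDn)
      .filter("(uid={user})")
      .build();
    authenticator = new Authenticator(
      dnResolver, new SimpleBindAuthenticationHandler(new DefaultConnectionFactory(ldapUrl)));
    // Return only what the application needs from the authenticated entry.
    authenticator.setReturnAttributes("mail");
    // Do not run the entry resolver for failed attempts.
    authenticator.setResolveEntryOnFailure(false);
  }

  /** Returns the user's entry only when the directory accepted the credential. */
  public Optional<LdapEntry> login(String user, char[] password) throws LdapException {
    AuthenticationResponse response = authenticator.authenticate(
      new AuthenticationRequest(user, new Credential(password)));
    // Anything other than success (bad password, unresolved DN, invalid input)
    // is treated as a failed login; an LdapException signals a directory error.
    return response.isSuccess() ? Optional.ofNullable(response.getLdapEntry()) : Optional.empty();
  }

  /**
   * Closes the connection factories held by the resolver and handler above.
   * Custom components that do not implement ConnectionFactoryManager are not closed.
   */
  @Override
  public void close() {
    authenticator.close();
  }
}
```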
-
close
public void close()
Attempts to close any connection factories associated with this authenticator. Inspects the dnResolver, authenticationHandler and entryResolver for type ConnectionFactoryManager. If found, those underlying connection factories are closed. AggregateDnResolver, AggregateAuthenticationHandler and AggregateEntryResolver are handled as well. Note that custom components that contain connection factories but do not implement ConnectionFactoryManager will not be closed by this method.
-
closeConnectionFactoryManagers
Attempts to close all the connection factories in the supplied collection.
Parameters:
managers - to close connection factories for
-
authenticate
protected AuthenticationResponse authenticate(String dn, AuthenticationRequest request) throws LdapException
Validates input and performs authentication using an AuthenticationHandler. Executes any configured AuthenticationResponseHandler.
Parameters:
dn - to authenticate as
request - containing authentication parameters
Returns:
ldap entry for the supplied DN
Throws:
LdapException - if an LDAP error occurs
-
validateInput
Validates the authentication request and resolved DN. Returns an authentication response if validation failed.
Parameters:
dn - to validate
request - to validate
Returns:
authentication response if validation failed, otherwise null
-
processRequest
protected AuthenticationRequest processRequest(String dn, AuthenticationRequest request) throws LdapException
Creates a new authentication request applying any applicable configuration on this authenticator. Returns the supplied request if no configuration is applied.
Parameters:
dn - to process
request - to process
Returns:
authentication request
Throws:
LdapException - if an error occurs with a request handler
-
resolveEntry
protected LdapEntry resolveEntry(AuthenticationCriteria criteria, AuthenticationHandlerResponse response) throws LdapException
Attempts to find the ldap entry for the supplied DN. If an entry resolver has been configured it is used. A SearchEntryResolver is used if return attributes have been requested. If none of these criteria is met, a NoOpDnResolver is used.
Parameters:
criteria - needed by the entry resolver
response - from the authentication handler
Returns:
ldap entry
Throws:
LdapException - if an error occurs resolving the entry
-
toString
-
builder
Creates a builder for this class.
Returns:
new builder
-