Class AbstractSearchEntryResolver

java.lang.Object
org.ldaptive.AbstractSearchOperationFactory
org.ldaptive.auth.AbstractSearchEntryResolver
All Implemented Interfaces:
EntryResolver, ConnectionFactoryManager
Direct Known Subclasses:
AuthorizationIdentityEntryResolver, SearchEntryResolver, WhoAmIEntryResolver

public abstract class AbstractSearchEntryResolver extends AbstractSearchOperationFactory implements EntryResolver
Base implementation for search entry resolvers. Uses an object level search on the AuthenticationCriteria.getDn() if no userFilter is configured. If a userFilter is configured, then a search is executed using that filter.
  • Field Details

    • baseDn

      private String baseDn
      DN to search.
    • userFilter

      private String userFilter
      Filter for searching for the user.
    • userFilterParameters

      private Object[] userFilterParameters
      Filter parameters for searching for the user.
    • allowMultipleEntries

      private boolean allowMultipleEntries
      Whether to throw an exception if multiple entries are found.
    • subtreeSearch

      private boolean subtreeSearch
      Whether to use a subtree search when resolving DNs.
    • derefAliases

      private DerefAliases derefAliases
      How to handle aliases.
    • binaryAttributes

      private String[] binaryAttributes
      Binary attribute names.
  • Constructor Details

    • AbstractSearchEntryResolver

      public AbstractSearchEntryResolver()
  • Method Details

    • getBaseDn

      public String getBaseDn()
      Returns the base DN.
      Returns:
      base DN
    • setBaseDn

      public void setBaseDn(String dn)
      Sets the base DN.
      Parameters:
      dn - base DN
    • getUserFilter

      public String getUserFilter()
      Returns the filter used to search for the user.
      Returns:
      filter for searching
    • setUserFilter

      public void setUserFilter(String filter)
      Sets the filter used to search for the user.
      Parameters:
      filter - for searching
    • getUserFilterParameters

      public Object[] getUserFilterParameters()
      Returns the filter parameters used to search for the user.
      Returns:
      filter parameters
    • setUserFilterParameters

      public void setUserFilterParameters(Object[] filterParams)
      Sets the filter parameters used to search for the user.
      Parameters:
      filterParams - filter parameters
    • getAllowMultipleEntries

      public boolean getAllowMultipleEntries()
      Returns whether entry resolution should fail if multiple entries are found.
      Returns:
      whether an exception will be thrown if multiple entries are found
    • setAllowMultipleEntries

      public void setAllowMultipleEntries(boolean b)
      Sets whether entry resolution should fail if multiple entries are found. If false an exception will be thrown if resolve(AuthenticationCriteria, AuthenticationHandlerResponse) finds more than one entry matching it's filter. Otherwise the first entry found is returned.
      Parameters:
      b - whether multiple entries are allowed
    • getSubtreeSearch

      public boolean getSubtreeSearch()
      Returns whether subtree searching will be used.
      Returns:
      whether the entry will be searched for over the entire base
    • setSubtreeSearch

      public void setSubtreeSearch(boolean b)
      Sets whether subtree searching will be used. If true, the entry will be searched for over the entire getBaseDn(). Otherwise the entry will be searched for in the getBaseDn() context.
      Parameters:
      b - whether the entry will be searched for over the entire base
    • getDerefAliases

      public DerefAliases getDerefAliases()
      Returns how to dereference aliases.
      Returns:
      how to dereference aliases
    • setDerefAliases

      public void setDerefAliases(DerefAliases da)
      Sets how to dereference aliases.
      Parameters:
      da - how to dereference aliases
    • getBinaryAttributes

      public String[] getBinaryAttributes()
      Returns names of binary attributes.
      Returns:
      binary attribute names
    • setBinaryAttributes

      public void setBinaryAttributes(String... attrs)
      Sets names of binary attributes.
      Parameters:
      attrs - binary attribute names
    • performLdapSearch

      protected abstract SearchResponse performLdapSearch(AuthenticationCriteria criteria, AuthenticationHandlerResponse response) throws LdapException
      Executes an ldap search with the supplied authentication criteria.
      Parameters:
      criteria - authentication criteria associated with the user
      response - response from the authentication event
      Returns:
      search result
      Throws:
      LdapException - if an error occurs attempting the search
    • createFilterTemplate

      protected FilterTemplate createFilterTemplate(AuthenticationCriteria ac)
      Returns a filter template using userFilter and userFilterParameters. User.getIdentifier() is injected with a named parameter of 'user', User.getContext() is injected with a named parameter of 'context', and AuthenticationCriteria.getDn() is injected with a named parameter of 'dn'.
      Parameters:
      ac - authentication criteria
      Returns:
      filter template
    • createSearchRequest

      protected SearchRequest createSearchRequest(AuthenticationCriteria ac)
      Returns a search request for the supplied authentication criteria. If no userFilter is defined then an object level search on the authentication criteria DN is returned. Otherwise the userFilter, baseDn and subtreeSearch are used to create the search request.
      Parameters:
      ac - authentication criteria containing a DN
      Returns:
      search request
    • resolve

      public LdapEntry resolve(AuthenticationCriteria criteria, AuthenticationHandlerResponse response) throws LdapException
      Description copied from interface: EntryResolver
      Attempts to find the LDAP entry for the supplied authentication criteria and authentication handler response. The connection available in the response should not be closed in this method.
      Specified by:
      resolve in interface EntryResolver
      Parameters:
      criteria - authentication criteria used to perform the authentication
      response - produced by the authentication handler
      Returns:
      ldap entry
      Throws:
      LdapException - if an LDAP error occurs