Package org.ldaptive.auth

Class AbstractSearchEntryResolver

java.lang.Object
org.ldaptive.AbstractFreezable
org.ldaptive.AbstractOperationFactory<SearchRequest,SearchResponse>
org.ldaptive.AbstractSearchOperationFactory
org.ldaptive.auth.AbstractSearchEntryResolver
All Implemented Interfaces:
EntryResolver, ConnectionFactoryManager, Freezable
Direct Known Subclasses:
AuthorizationIdentityEntryResolver, SearchEntryResolver, WhoAmIEntryResolver
public abstract class AbstractSearchEntryResolver extends AbstractSearchOperationFactory implements EntryResolver
Base implementation for search entry resolvers. Uses an object level search on the AuthenticationCriteria.getDn() if no userFilter is configured. If a userFilter is configured, then a search is executed using that filter.

  • Field Details

    • baseDn

      private String baseDn
      DN to search.

    • userFilter

      private String userFilter
      Filter for searching for the user.

    • userFilterParameters

      private Object[] userFilterParameters
      Filter parameters for searching for the user.

    • allowMultipleEntries

      private boolean allowMultipleEntries
      Whether to throw an exception if multiple entries are found.

    • subtreeSearch

      private boolean subtreeSearch
      Whether to use a subtree search when resolving DNs.

    • derefAliases

      private DerefAliases derefAliases
      How to handle aliases.

    • binaryAttributes

      private String[] binaryAttributes
      Binary attribute names.

  • Constructor Details

    • AbstractSearchEntryResolver

      public AbstractSearchEntryResolver()

  • Method Details

    • getBaseDn

      public final String getBaseDn()
      Returns the base DN.
      Returns:
      base DN

    • setBaseDn

      public final void setBaseDn(String dn)
      Sets the base DN.
      Parameters:
      dn - base DN

    • getUserFilter

      public final String getUserFilter()
      Returns the filter used to search for the user.
      Returns:
      filter for searching

    • setUserFilter

      public final void setUserFilter(String filter)
      Sets the filter used to search for the user.
      Parameters:
      filter - for searching

    • getUserFilterParameters

      public final Object[] getUserFilterParameters()
      Returns the filter parameters used to search for the user.
      Returns:
      filter parameters

    • setUserFilterParameters

      public final void setUserFilterParameters(Object[] filterParams)
      Sets the filter parameters used to search for the user.
      Parameters:
      filterParams - filter parameters

    • getAllowMultipleEntries

      public final boolean getAllowMultipleEntries()
      Returns whether entry resolution should fail if multiple entries are found.
      Returns:
      whether an exception will be thrown if multiple entries are found

    • setAllowMultipleEntries

      public final void setAllowMultipleEntries(boolean b)
      Sets whether entry resolution should fail if multiple entries are found. If false an exception will be thrown if resolve(AuthenticationCriteria, AuthenticationHandlerResponse) finds more than one entry matching its filter. Otherwise, the first entry found is returned.
      Parameters:
      b - whether multiple entries are allowed

    • getSubtreeSearch

      public final boolean getSubtreeSearch()
      Returns whether subtree searching will be used.
      Returns:
      whether the entry will be searched for over the entire base

    • setSubtreeSearch

      public final void setSubtreeSearch(boolean b)
      Sets whether subtree searching will be used. If true, the entry will be searched for over the entire getBaseDn(). Otherwise the entry will be searched for in the getBaseDn() context.
      Parameters:
      b - whether the entry will be searched for over the entire base

    • getDerefAliases

      public final DerefAliases getDerefAliases()
      Returns how to dereference aliases.
      Returns:
      how to dereference aliases

    • setDerefAliases

      public final void setDerefAliases(DerefAliases da)
      Sets how to dereference aliases.
      Parameters:
      da - how to dereference aliases

    • getBinaryAttributes

      public final String[] getBinaryAttributes()
      Returns names of binary attributes.
      Returns:
      binary attribute names

    • setBinaryAttributes

      public final void setBinaryAttributes(String... attrs)
      Sets names of binary attributes.
      Parameters:
      attrs - binary attribute names

    • performLdapSearch

      protected abstract SearchResponse performLdapSearch(AuthenticationCriteria criteria, AuthenticationHandlerResponse response) throws LdapException
      Executes an ldap search with the supplied authentication criteria.
      Parameters:
      criteria - authentication criteria associated with the user
      response - response from the authentication event
      Returns:
      search result
      Throws:
      LdapException - if an error occurs attempting the search

    • createFilterTemplate

      protected FilterTemplate createFilterTemplate(AuthenticationCriteria ac)
      Returns a filter template using userFilter and userFilterParameters. User.getIdentifier() is injected with a named parameter of 'user', User.getContext() is injected with a named parameter of 'context', and AuthenticationCriteria.getDn() is injected with a named parameter of 'dn'.
      Parameters:
      ac - authentication criteria
      Returns:
      filter template

    • createSearchRequest

      protected SearchRequest createSearchRequest(AuthenticationCriteria ac)
      Returns a search request for the supplied authentication criteria. If no userFilter is defined then an object level search on the authentication criteria DN is returned. Otherwise the userFilter, baseDn and subtreeSearch are used to create the search request.
      Parameters:
      ac - authentication criteria containing a DN
      Returns:
      search request

    • resolve

      public LdapEntry resolve(AuthenticationCriteria criteria, AuthenticationHandlerResponse response) throws LdapException
      Description copied from interface: EntryResolver
      Attempts to find the LDAP entry for the supplied authentication criteria and authentication handler response. The connection available in the response should not be closed in this method.
      Specified by:
      resolve in interface EntryResolver
      Parameters:
      criteria - authentication criteria used to perform the authentication
      response - produced by the authentication handler
      Returns:
      ldap entry
      Throws:
      LdapException - if an LDAP error occurs

    • toString

      public String toString()
      Overrides:
      toString in class AbstractSearchOperationFactory