org.apache.shiro.realm.ldap
Class DefaultLdapContextFactory

java.lang.Object
  extended by org.apache.shiro.realm.ldap.DefaultLdapContextFactory
All Implemented Interfaces:
LdapContextFactory

public class DefaultLdapContextFactory
extends Object
implements LdapContextFactory

Default implementation of LdapContextFactory that can be configured or extended to customize the way LdapContext objects are retrieved.

This implementation of LdapContextFactory is used by the AbstractLdapRealm if a factory is not explicitly configured.

Connection pooling is enabled by default on this factory, but can be disabled using the usePooling property.

Since:
0.2
Author:
Jeremy Haile

Field Summary
protected  String authentication
           
protected  String contextFactoryClassName
           
protected  String principalSuffix
           
protected  String referral
           
protected  String searchBase
           
protected static String SUN_CONNECTION_POOLING_PROPERTY
          The Sun LDAP property used to enable connection pooling.
protected  String systemPassword
           
protected  String systemUsername
           
protected  String url
           
 
Constructor Summary
DefaultLdapContextFactory()
           
 
Method Summary
 LdapContext getLdapContext(String username, String password)
          Creates (or retrieves from a pool) a LdapContext connection bound using the username and password specified.
 LdapContext getSystemLdapContext()
          Creates (or retrieves from a pool) a LdapContext connection bound using the system account, or anonymously if no system account is configured.
 void setAdditionalEnvironment(Map<String,String> additionalEnvironment)
          These entries are added to the environment map before initializing the LDAP context.
 void setAuthentication(String authentication)
          Sets the type of LDAP authentication to perform when connecting to the LDAP server.
 void setContextFactoryClassName(String contextFactoryClassName)
          The context factory to use.
 void setPrincipalSuffix(String principalSuffix)
          A suffix appended to the username.
 void setReferral(String referral)
          Sets the LDAP referral property.
 void setSearchBase(String searchBase)
          The search base for the search to perform in the LDAP server.
 void setSystemPassword(String systemPassword)
          The system password that will be used when connecting to the LDAP server to retrieve authorization information about a user.
 void setSystemUsername(String systemUsername)
          The system username that will be used when connecting to the LDAP server to retrieve authorization information about a user.
 void setUrl(String url)
          The LDAP url to connect to.
 void setUsePooling(boolean usePooling)
          Determines whether or not LdapContext pooling is enabled for connections made using the system user account.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

SUN_CONNECTION_POOLING_PROPERTY

protected static final String SUN_CONNECTION_POOLING_PROPERTY
The Sun LDAP property used to enable connection pooling. This is used in the default implementation to enable LDAP connection pooling.

See Also:
Constant Field Values

authentication

protected String authentication

principalSuffix

protected String principalSuffix

searchBase

protected String searchBase

contextFactoryClassName

protected String contextFactoryClassName

url

protected String url

referral

protected String referral

systemUsername

protected String systemUsername

systemPassword

protected String systemPassword

Constructor Detail

DefaultLdapContextFactory

public DefaultLdapContextFactory()

Method Detail

setAuthentication

public void setAuthentication(String authentication)
Sets the type of LDAP authentication to perform when connecting to the LDAP server. Defaults to "simple".

Parameters:
authentication - the type of LDAP authentication to perform.

setPrincipalSuffix

public void setPrincipalSuffix(String principalSuffix)
A suffix appended to the username. This is typically used for domain names (e.g. "@MyDomain.local").

Parameters:
principalSuffix - the suffix.

setSearchBase

public void setSearchBase(String searchBase)
The search base for the search to perform in the LDAP server (e.g. OU=OrganizationName,DC=MyDomain,DC=local).

Parameters:
searchBase - the search base.

setContextFactoryClassName

public void setContextFactoryClassName(String contextFactoryClassName)
The context factory to use. This defaults to the SUN LDAP JNDI implementation but can be overridden to use custom LDAP factories.

Parameters:
contextFactoryClassName - the context factory that should be used.

setUrl

public void setUrl(String url)
The LDAP url to connect to. (e.g. ldap://:)

Parameters:
url - the LDAP url.

setReferral

public void setReferral(String referral)
Sets the LDAP referral property. Defaults to "follow".

Parameters:
referral - the referral property.

setSystemUsername

public void setSystemUsername(String systemUsername)
The system username that will be used when connecting to the LDAP server to retrieve authorization information about a user. This must be specified for LDAP authorization to work, but is not required when only authentication is performed.

Parameters:
systemUsername - the username to use when logging into the LDAP server for authorization.

setSystemPassword

public void setSystemPassword(String systemPassword)
The system password that will be used when connecting to the LDAP server to retrieve authorization information about a user. This must be specified for LDAP authorization to work, but is not required when only authentication is performed.

Parameters:
systemPassword - the password to use when logging into the LDAP server for authorization.

setUsePooling

public void setUsePooling(boolean usePooling)
Determines whether or not LdapContext pooling is enabled for connections made using the system user account. In the default implementation, this simply sets the com.sun.jndi.ldap.connect.pool property in the LDAP context environment. If you use an LDAP Context Factory that is not Sun's default implementation, you will need to override the default behavior to use this setting in whatever way your underlying LDAP ContextFactory supports. By default, pooling is enabled.

Parameters:
usePooling - true to enable pooling, or false to disable it.

setAdditionalEnvironment

public void setAdditionalEnvironment(Map<String,String> additionalEnvironment)
These entries are added to the environment map before initializing the LDAP context.

Parameters:
additionalEnvironment - additional environment entries to be configured on the LDAP context.

getSystemLdapContext

public LdapContext getSystemLdapContext()
                                 throws NamingException
Description copied from interface: LdapContextFactory
Creates (or retrieves from a pool) a LdapContext connection bound using the system account, or anonymously if no system account is configured.

Specified by:
getSystemLdapContext in interface LdapContextFactory
Returns:
a LdapContext bound by the system account, or bound anonymously if no system account is configured.
Throws:
NamingException - if there is an error creating the context.

getLdapContext

public LdapContext getLdapContext(String username,
                                  String password)
                           throws NamingException
Description copied from interface: LdapContextFactory
Creates (or retrieves from a pool) a LdapContext connection bound using the username and password specified.

Specified by:
getLdapContext in interface LdapContextFactory
Parameters:
username - the username to use when creating the connection.
password - the password to use when creating the connection.
Returns:
a LdapContext bound using the given username and password.
Throws:
NamingException - if there is an error creating the context.
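
Added example (not part of the Shiro Javadoc or code base): configuring the factory through the setters documented above and using getLdapContext to check a user's credentials. The host name, environment variable names, and the names HardenedLdapFactoryExample, newFactory and verifyCredentials are hypothetical; the two timeout keys are standard Sun JNDI LDAP provider properties, and the empty-password guard assumes nothing about whether the factory performs that check itself.

```java
import java.util.HashMap;
import java.util.Map;
import javax.naming.AuthenticationException;
import javax.naming.NamingException;
import javax.naming.ldap.LdapContext;
import org.apache.shiro.realm.ldap.DefaultLdapContextFactory;

public class HardenedLdapFactoryExample {

    /** Builds a factory using only the setters documented on this page. */
    static DefaultLdapContextFactory newFactory() {
        DefaultLdapContextFactory f = new DefaultLdapContextFactory();
        // Placeholder host. ldaps:// keeps "simple" binds (DN + password) off the wire in clear text.
        f.setUrl("ldaps://ldap.example.test:636");
        f.setAuthentication("simple"); // documented default, stated explicitly
        // Documented default is "follow"; "ignore" keeps the bind from being
        // repeated against other servers named in referrals.
        f.setReferral("ignore");
        f.setSearchBase("OU=OrganizationName,DC=MyDomain,DC=local");
        // Hypothetical variable names. If both are unset, the system context is
        // bound anonymously, as documented for getSystemLdapContext().
        f.setSystemUsername(System.getenv("LDAP_SYSTEM_USER"));
        f.setSystemPassword(System.getenv("LDAP_SYSTEM_PASSWORD"));

        // Sun JNDI LDAP provider timeouts (milliseconds) so a stalled
        // directory server cannot hang login threads indefinitely.
        Map<String, String> env = new HashMap<String, String>();
        env.put("com.sun.jndi.ldap.connect.timeout", "5000");
        env.put("com.sun.jndi.ldap.read.timeout", "10000");
        f.setAdditionalEnvironment(env);
        return f;
    }

    /** Returns true only if the directory accepts a non-empty username/password pair. */
    static boolean verifyCredentials(DefaultLdapContextFactory f, String username, String password)
            throws NamingException {
        // A simple bind with a name but an empty password is an "unauthenticated
        // bind" (RFC 4513, section 5.1.2); some servers answer it with success,
        // so reject it before it reaches the directory.
        if (username == null || username.trim().isEmpty() || password == null || password.isEmpty()) {
            return false;
        }
        LdapContext ctx = null;
        try {
            ctx = f.getLdapContext(username, password);
            return true; // the bind was accepted
        } catch (AuthenticationException e) {
            return false; // bad credentials; other NamingExceptions propagate
        } finally {
            if (ctx != null) ctx.close(); // hand the connection back
        }
    }
}
```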


Copyright © 2004-2010 The Apache Software Foundation. All Rights Reserved.