Configures the given searchControls instance according to the application-specific requirements. For example:
searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE)
searchControls.setReturningAttributes(Array("givenName", "sn"))
The application-specific environment properties for the InitialLdapContext. If the application uses 'simple' security authentication then the only required setting is the one configuring the LDAP server and port:
javax.naming.Context.PROVIDER_URL -> "ldap://ldap.testathon.net:389"
However, you can set any of the properties defined in javax.naming.Context. (If a Context.SECURITY_PRINCIPAL property is specified, it overrides the one created by the securityPrincipal method.)
In addition to configuring the properties with this method, the application can also choose to have this method return a Seq.empty and configure all settings in a jndi.properties file on the classpath. A combination of the two is also allowed.
Creates a user object from the given LDAP query result. The method can also choose to return None, in which case authentication will fail.
The DN of the entity to base the directory search on. For example:
def searchBase(user: String) = "OU=users,DC=testathon,DC=net"
Returns the credentials used to bind to the LDAP server in order to search for a matching user entry. For example:
val searchCredentials = "CN=stuart,OU=users,DC=testathon,DC=net" -> "stuart"
The search filter to use for searching for the user entry. For example:
def searchFilter(user: String) = "(uid=%s)" format user
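The searchFilter example above formats the user name straight into the filter string, so filter metacharacters in that name become part of the filter syntax. The following added example (not part of the library or its documentation) escapes the value as RFC 4515 requires before formatting; the object name LdapFilterEscape and the helper escape are hypothetical, and it assumes the user name reaches searchFilter unescaped.

```scala
// Added example, not library code: RFC 4515 escaping for a value that is
// placed into an LDAP search filter. LdapFilterEscape and escape are
// hypothetical names chosen for this illustration.
object LdapFilterEscape {

  // RFC 4515 requires these characters in an assertion value to be written
  // as a backslash followed by the two hex digits of the character code.
  def escape(value: String): String = {
    val sb = new StringBuilder(value.length + 8)
    value.foreach {
      case '\\'     => sb.append("\\5c")
      case '*'      => sb.append("\\2a")
      case '('      => sb.append("\\28")
      case ')'      => sb.append("\\29")
      case '\u0000' => sb.append("\\00")
      case c        => sb.append(c)
    }
    sb.toString
  }

  // Same shape as the searchFilter example above, with the value escaped
  // first, so the filter always stays a single (uid=...) equality match.
  def searchFilter(user: String): String = "(uid=%s)" format escape(user)

  def main(args: Array[String]): Unit = {
    // Constructed sample inputs: one plain name and three that contain
    // filter metacharacters.
    Seq("stuart", "st*", "smith (contractor)", "back\\slash").foreach { u =>
      println(u + " -> " + searchFilter(u))
    }
  }
}
```

An LdapAuthConfig implementation would return the escaped form from its own searchFilter method.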
The LdapAuthenticator facilitates user/password authentication against an LDAP server. It delegates the application-specific parts of the LDAP configuration to the given LdapAuthConfig instance, which is also responsible for creating the object representing the application-specific user context.
Authentication against an LDAP server is done in two separate steps: First, some "search credentials" are used to log into the LDAP server and perform a search for the directory entry matching a given user name. If exactly one user entry is found, another LDAP bind operation is performed using the principal DN of the found user entry to validate the password.