Class LdapProviderConfig
- java.lang.Object
-
- org.apache.jackrabbit.oak.security.authentication.ldap.impl.LdapProviderConfig
-
public class LdapProviderConfig extends java.lang.Object
Configuration of the ldap provider.
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description class
LdapProviderConfig.Identity
Defines the configuration of an identity (user or group).static class
LdapProviderConfig.PoolConfig
Defines the configuration of a connection pool.
-
Field Summary
-
Constructor Summary
Constructors Constructor Description LdapProviderConfig()
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description @Nullable java.lang.String[]
enabledProtocols()
Configures whether enabled protocols should be set on theLdapConnectionConfig
.static java.lang.String
encodeFilterValue(java.lang.String value)
Copied from org.apache.directory.api.ldap.model.filter.FilterEncoder#encodeFilterValue(java.lang.String) in order to keep this configuration LDAP client independent.@NotNull LdapProviderConfig.PoolConfig
getAdminPoolConfig()
Returns the admin connection pool configuration.@Nullable java.lang.String
getBindDN()
Configures the DN that is used to bind to the LDAP server.@Nullable java.lang.String
getBindPassword()
Configures the password that is used to bind to the LDAP server.@NotNull java.lang.String[]
getCustomAttributes()
Optionally configures an array of attribute names that will be retrieved when looking up LDAP entries.@NotNull LdapProviderConfig.Identity
getGroupConfig()
Returns the group specific configuration.@NotNull java.lang.String
getGroupMemberAttribute()
Configures the attribute that stores the members of a group.@NotNull java.lang.String
getHostname()
Configures the hostname of the LDAP server.java.lang.String
getMemberOfSearchFilter(@NotNull java.lang.String dn)
Returns the LDAP filter that is used when searching for groups where an identity is member of.@NotNull java.lang.String
getName()
Returns the name of this provider configuration.int
getPort()
Configures the port of the LDAP server.long
getSearchTimeout()
Configures the timeout in milliseconds that is used for all LDAP searches.@NotNull LdapProviderConfig.Identity
getUserConfig()
Returns the user specific configuration.@NotNull LdapProviderConfig.PoolConfig
getUserPoolConfig()
Returns the user connection pool configuration.boolean
getUseUidForExtId()
If true, the value of the user id (resp.boolean
noCertCheck()
Configures whether certificates on SSL/TLS connections should be validated.static LdapProviderConfig
of(org.apache.jackrabbit.oak.spi.security.ConfigurationParameters params)
Creates a new LDAP provider configuration based on the properties store in the given parameters.@NotNull LdapProviderConfig
setBindDN(@Nullable java.lang.String bindDN)
Sets the bind DN.@NotNull LdapProviderConfig
setBindPassword(@Nullable java.lang.String bindPassword)
Sets the bind password@NotNull LdapProviderConfig
setCustomAttributes(@NotNull java.lang.String[] customAttributes)
Sets the attribute names to be retrieved when looking up LDAP entries.@NotNull LdapProviderConfig
setEnabledProtocols(@NotNull java.lang.String... enabledProtocols)
Configures the enabled protocols to be set to theLdapConnectionConfig
.@NotNull LdapProviderConfig
setGroupMemberAttribute(@NotNull java.lang.String groupMemberAttribute)
Sets the group member attribute.@NotNull LdapProviderConfig
setHostname(@NotNull java.lang.String hostname)
Sets the hostname.@NotNull LdapProviderConfig
setName(@NotNull java.lang.String name)
Sets the name of this provider.@NotNull LdapProviderConfig
setNoCertCheck(boolean noCertCheck)
Disables certificate validation.@NotNull LdapProviderConfig
setPort(int port)
Sets the port.@NotNull LdapProviderConfig
setSearchTimeout(long searchTimeout)
Sets the search timeout.@NotNull LdapProviderConfig
setUseSSL(boolean useSSL)
Enables SSL connections.@NotNull LdapProviderConfig
setUseTLS(boolean useTLS)
Enables TLS connections.@NotNull LdapProviderConfig
setUseUidForExtId(boolean useUidForExtId)
Sets the flag that controls if the user id (resp.java.lang.String
toString()
boolean
useSSL()
Configures whether SSL connections should be used.boolean
useTLS()
Configures whether TLS connections should be used.
-
-
-
Field Detail
-
PARAM_NAME_DEFAULT
public static final java.lang.String PARAM_NAME_DEFAULT
- See Also:
getName()
, Constant Field Values
-
PARAM_NAME
@Property(label="LDAP Provider Name", description="Name of this LDAP provider configuration. This is used to reference this provider by the login modules.", value="ldap") public static final java.lang.String PARAM_NAME
- See Also:
getName()
, Constant Field Values
-
PARAM_LDAP_HOST_DEFAULT
public static final java.lang.String PARAM_LDAP_HOST_DEFAULT
- See Also:
getHostname()
, Constant Field Values
-
PARAM_LDAP_HOST
@Property(label="LDAP Server Hostname", description="Hostname of the LDAP server", value="localhost") public static final java.lang.String PARAM_LDAP_HOST
- See Also:
getHostname()
, Constant Field Values
-
PARAM_LDAP_PORT_DEFAULT
public static final int PARAM_LDAP_PORT_DEFAULT
- See Also:
getPort()
, Constant Field Values
-
PARAM_LDAP_PORT
@Property(label="LDAP Server Port", description="Port of the LDAP server", intValue=389) public static final java.lang.String PARAM_LDAP_PORT
- See Also:
getPort()
, Constant Field Values
-
PARAM_USE_SSL_DEFAULT
public static final boolean PARAM_USE_SSL_DEFAULT
- See Also:
useSSL()
, Constant Field Values
-
PARAM_USE_SSL
@Property(label="Use SSL", description="Indicates if an SSL (LDAPs) connection should be used.", boolValue=false) public static final java.lang.String PARAM_USE_SSL
- See Also:
useSSL()
, Constant Field Values
-
PARAM_USE_TLS_DEFAULT
public static final boolean PARAM_USE_TLS_DEFAULT
- See Also:
useTLS()
, Constant Field Values
-
PARAM_USE_TLS
@Property(label="Use TLS", description="Indicates if TLS should be started on connections.", boolValue=false) public static final java.lang.String PARAM_USE_TLS
- See Also:
useTLS()
, Constant Field Values
-
PARAM_NO_CERT_CHECK_DEFAULT
public static final boolean PARAM_NO_CERT_CHECK_DEFAULT
- See Also:
noCertCheck()
, Constant Field Values
-
PARAM_NO_CERT_CHECK
@Property(label="Disable certificate checking", description="Indicates if server certificate validation should be disabled.", boolValue=false) public static final java.lang.String PARAM_NO_CERT_CHECK
- See Also:
noCertCheck()
, Constant Field Values
-
PARAM_ENABLED_PROTOCOLS
@Property(label="Enabled Protocols", description="Allows to explicitly set the enabled protocols on the LdapConnectionConfig.", value={}, cardinality=2147483647) public static final java.lang.String PARAM_ENABLED_PROTOCOLS
- See Also:
enabledProtocols()
, Constant Field Values
-
PARAM_BIND_DN_DEFAULT
public static final java.lang.String PARAM_BIND_DN_DEFAULT
- See Also:
getBindDN()
, Constant Field Values
-
PARAM_BIND_DN
@Property(label="Bind DN", description="DN of the user for authentication. Leave empty for anonymous bind.", value="") public static final java.lang.String PARAM_BIND_DN
- See Also:
getBindDN()
, Constant Field Values
-
PARAM_BIND_PASSWORD_DEFAULT
public static final java.lang.String PARAM_BIND_PASSWORD_DEFAULT
- See Also:
getBindPassword()
, Constant Field Values
-
PARAM_BIND_PASSWORD
@Property(label="Bind Password", description="Password of the user for authentication.", passwordValue="") public static final java.lang.String PARAM_BIND_PASSWORD
- See Also:
getBindPassword()
, Constant Field Values
-
PARAM_SEARCH_TIMEOUT_DEFAULT
public static final java.lang.String PARAM_SEARCH_TIMEOUT_DEFAULT
- See Also:
getSearchTimeout()
, Constant Field Values
-
PARAM_SEARCH_TIMEOUT
@Property(label="Search Timeout", description="Time in until a search times out (eg: \'1s\' or \'1m 30s\').", value="60s") public static final java.lang.String PARAM_SEARCH_TIMEOUT
- See Also:
getSearchTimeout()
, Constant Field Values
-
PARAM_ADMIN_POOL_MAX_ACTIVE_DEFAULT
public static final int PARAM_ADMIN_POOL_MAX_ACTIVE_DEFAULT
-
PARAM_ADMIN_POOL_MAX_ACTIVE
@Property(label="Admin pool max active", description="The max active size of the admin connection pool.", longValue=8L) public static final java.lang.String PARAM_ADMIN_POOL_MAX_ACTIVE
-
PARAM_ADMIN_POOL_LOOKUP_ON_VALIDATE_DEFAULT
public static final boolean PARAM_ADMIN_POOL_LOOKUP_ON_VALIDATE_DEFAULT
-
PARAM_ADMIN_POOL_LOOKUP_ON_VALIDATE
@Property(label="Admin pool lookup on validate", description="Indicates an ROOT DSE lookup is performed to test if the connection is still valid when taking it out of the pool.", boolValue=true) public static final java.lang.String PARAM_ADMIN_POOL_LOOKUP_ON_VALIDATE
-
PARAM_ADMIN_POOL_MIN_EVICTABLE_IDLE_TIME_DEFAULT
public static final java.lang.String PARAM_ADMIN_POOL_MIN_EVICTABLE_IDLE_TIME_DEFAULT
-
PARAM_ADMIN_POOL_MIN_EVICTABLE_IDLE_TIME
@Property(label="Admin pool min evictable idle time", description="The minimum amount of time a connection from the admin pool must be idle before becoming eligible for eviction by the idle object evictor, if running (eg: \'1m 30s\'). When non-positive, no connections will be evicted from the pool due to idle time alone.", value="-1") public static final java.lang.String PARAM_ADMIN_POOL_MIN_EVICTABLE_IDLE_TIME
-
PARAM_ADMIN_POOL_TIME_BETWEEN_EVICTION_RUNS_DEFAULT
public static final java.lang.String PARAM_ADMIN_POOL_TIME_BETWEEN_EVICTION_RUNS_DEFAULT
-
PARAM_ADMIN_POOL_TIME_BETWEEN_EVICTION_RUNS
@Property(label="Time interval to sleep between evictor runs for the admin pool", description="Time interval to sleep between runs of the idle object evictor thread for the admin pool (eg: \'1m 30s\'). When non-positive, no idle object evictor thread will be run.", value="-1") public static final java.lang.String PARAM_ADMIN_POOL_TIME_BETWEEN_EVICTION_RUNS
-
PARAM_ADMIN_POOL_NUM_TESTS_PER_EVICTION_RUN_DEFAULT
public static final int PARAM_ADMIN_POOL_NUM_TESTS_PER_EVICTION_RUN_DEFAULT
-
PARAM_ADMIN_POOL_NUM_TESTS_PER_EVICTION_RUN
@Property(label="Max number of objects to be tested per run of the idle object evictor for the admin pool", description="The max number of objects to examine during each run of the idle object evictor thread for the admin pool (if any)", intValue=3) public static final java.lang.String PARAM_ADMIN_POOL_NUM_TESTS_PER_EVICTION_RUN
-
PARAM_USER_POOL_MAX_ACTIVE_DEFAULT
public static final int PARAM_USER_POOL_MAX_ACTIVE_DEFAULT
-
PARAM_USER_POOL_MAX_ACTIVE
@Property(label="User pool max active", description="The max active size of the user connection pool.", longValue=8L) public static final java.lang.String PARAM_USER_POOL_MAX_ACTIVE
-
PARAM_USER_POOL_LOOKUP_ON_VALIDATE_DEFAULT
public static final boolean PARAM_USER_POOL_LOOKUP_ON_VALIDATE_DEFAULT
-
PARAM_USER_POOL_LOOKUP_ON_VALIDATE
@Property(label="User pool lookup on validate", description="Indicates an ROOT DSE lookup is performed to test if the connection is still valid when taking it out of the pool.", boolValue=true) public static final java.lang.String PARAM_USER_POOL_LOOKUP_ON_VALIDATE
-
PARAM_USER_POOL_MIN_EVICTABLE_IDLE_TIME_DEFAULT
public static final java.lang.String PARAM_USER_POOL_MIN_EVICTABLE_IDLE_TIME_DEFAULT
-
PARAM_USER_POOL_MIN_EVICTABLE_IDLE_TIME
@Property(label="User pool min evictable idle time", description="The minimum amount of time a connection from the user pool must be idle before becoming eligible for eviction by the idle object evictor, if running (eg: \'1m 30s\'). When non-positive, no connections will be evicted from the pool due to idle time alone.", value="-1") public static final java.lang.String PARAM_USER_POOL_MIN_EVICTABLE_IDLE_TIME
-
PARAM_USER_POOL_TIME_BETWEEN_EVICTION_RUNS_DEFAULT
public static final java.lang.String PARAM_USER_POOL_TIME_BETWEEN_EVICTION_RUNS_DEFAULT
-
PARAM_USER_POOL_TIME_BETWEEN_EVICTION_RUNS
@Property(label="Time interval to sleep between evictor runs for the user pool", description="Time interval to sleep between runs of the idle object evictor thread for the user pool (eg: \'1m 30s\'). When non-positive, no idle object evictor thread will be run.", value="-1") public static final java.lang.String PARAM_USER_POOL_TIME_BETWEEN_EVICTION_RUNS
-
PARAM_USER_POOL_NUM_TESTS_PER_EVICTION_RUN_DEFAULT
public static final int PARAM_USER_POOL_NUM_TESTS_PER_EVICTION_RUN_DEFAULT
-
PARAM_USER_POOL_NUM_TESTS_PER_EVICTION_RUN
@Property(label="Max number of objects to be tested per run of the idle object evictor for the user pool", description="The max number of objects to examine during each run of the idle object evictor thread for the user pool (if any)", intValue=3) public static final java.lang.String PARAM_USER_POOL_NUM_TESTS_PER_EVICTION_RUN
-
PARAM_USER_BASE_DN_DEFAULT
public static final java.lang.String PARAM_USER_BASE_DN_DEFAULT
-
PARAM_USER_BASE_DN
@Property(label="User base DN", description="The base DN for user searches.", value="ou=people,o=example,dc=com") public static final java.lang.String PARAM_USER_BASE_DN
-
PARAM_USER_OBJECTCLASS_DEFAULT
public static final java.lang.String[] PARAM_USER_OBJECTCLASS_DEFAULT
-
PARAM_USER_OBJECTCLASS
@Property(label="User object classes", description="The list of object classes an user entry must contain.", value="person", cardinality=2147483647) public static final java.lang.String PARAM_USER_OBJECTCLASS
-
PARAM_USER_ID_ATTRIBUTE_DEFAULT
public static final java.lang.String PARAM_USER_ID_ATTRIBUTE_DEFAULT
-
PARAM_USER_ID_ATTRIBUTE
@Property(label="User id attribute", description="Name of the attribute that contains the user id.", value="uid") public static final java.lang.String PARAM_USER_ID_ATTRIBUTE
-
PARAM_USER_EXTRA_FILTER_DEFAULT
public static final java.lang.String PARAM_USER_EXTRA_FILTER_DEFAULT
-
PARAM_USER_EXTRA_FILTER
@Property(label="User extra filter", description="Extra LDAP filter to use when searching for users. The final filter isformatted like: \'(&(<idAttr>=<userId>)(objectclass=<objectclass>)<extraFilter>)\'", value="") public static final java.lang.String PARAM_USER_EXTRA_FILTER
-
PARAM_USER_MAKE_DN_PATH_DEFAULT
public static final boolean PARAM_USER_MAKE_DN_PATH_DEFAULT
-
PARAM_USER_MAKE_DN_PATH
@Property(label="User DN paths", description="Controls if the DN should be used for calculating a portion of the intermediate path.", boolValue=false) public static final java.lang.String PARAM_USER_MAKE_DN_PATH
-
PARAM_GROUP_BASE_DN_DEFAULT
public static final java.lang.String PARAM_GROUP_BASE_DN_DEFAULT
-
PARAM_GROUP_BASE_DN
@Property(label="Group base DN", description="The base DN for group searches.", value="ou=groups,o=example,dc=com") public static final java.lang.String PARAM_GROUP_BASE_DN
-
PARAM_GROUP_OBJECTCLASS_DEFAULT
public static final java.lang.String[] PARAM_GROUP_OBJECTCLASS_DEFAULT
-
PARAM_GROUP_OBJECTCLASS
@Property(label="Group object classes", description="The list of object classes a group entry must contain.", value="groupOfUniqueNames", cardinality=2147483647) public static final java.lang.String PARAM_GROUP_OBJECTCLASS
-
PARAM_GROUP_NAME_ATTRIBUTE_DEFAULT
public static final java.lang.String PARAM_GROUP_NAME_ATTRIBUTE_DEFAULT
-
PARAM_GROUP_NAME_ATTRIBUTE
@Property(label="Group name attribute", description="Name of the attribute that contains the group name.", value="cn") public static final java.lang.String PARAM_GROUP_NAME_ATTRIBUTE
-
PARAM_GROUP_EXTRA_FILTER_DEFAULT
public static final java.lang.String PARAM_GROUP_EXTRA_FILTER_DEFAULT
-
PARAM_GROUP_EXTRA_FILTER
@Property(label="Group extra filter", description="Extra LDAP filter to use when searching for groups. The final filter isformatted like: \'(&(<nameAttr>=<groupName>)(objectclass=<objectclass>)<extraFilter>)\'", value="") public static final java.lang.String PARAM_GROUP_EXTRA_FILTER
-
PARAM_GROUP_MAKE_DN_PATH_DEFAULT
public static final boolean PARAM_GROUP_MAKE_DN_PATH_DEFAULT
-
PARAM_GROUP_MAKE_DN_PATH
@Property(label="Group DN paths", description="Controls if the DN should be used for calculating a portion of the intermediate path.", boolValue=false) public static final java.lang.String PARAM_GROUP_MAKE_DN_PATH
-
PARAM_GROUP_MEMBER_ATTRIBUTE_DEFAULT
public static final java.lang.String PARAM_GROUP_MEMBER_ATTRIBUTE_DEFAULT
- See Also:
getGroupMemberAttribute()
, Constant Field Values
-
PARAM_GROUP_MEMBER_ATTRIBUTE
@Property(label="Group member attribute", description="Group attribute that contains the member(s) of a group.", value="uniquemember") public static final java.lang.String PARAM_GROUP_MEMBER_ATTRIBUTE
- See Also:
getGroupMemberAttribute()
, Constant Field Values
-
PARAM_USE_UID_FOR_EXT_ID_DEFAULT
public static final boolean PARAM_USE_UID_FOR_EXT_ID_DEFAULT
- See Also:
getUseUidForExtId()
, Constant Field Values
-
PARAM_USE_UID_FOR_EXT_ID
@Property(label="Use user id for external ids", description="If enabled, the value of the user id (resp. group name) attribute will be used to create external identifiers. Leave disabled to use the DN instead.", boolValue=false) public static final java.lang.String PARAM_USE_UID_FOR_EXT_ID
- See Also:
getUseUidForExtId()
, Constant Field Values
-
PARAM_CUSTOM_ATTRIBUTES_DEFAULT
public static final java.lang.String[] PARAM_CUSTOM_ATTRIBUTES_DEFAULT
- See Also:
getCustomAttributes()
-
PARAM_CUSTOM_ATTRIBUTES
@Property(label="Custom Attributes", description="Attributes retrieved when looking up LDAP entries. Leave empty to retrieve all attributes.", value={}, cardinality=2147483647) public static final java.lang.String PARAM_CUSTOM_ATTRIBUTES
- See Also:
getCustomAttributes()
, Constant Field Values
-
-
Method Detail
-
of
public static LdapProviderConfig of(org.apache.jackrabbit.oak.spi.security.ConfigurationParameters params)
Creates a new LDAP provider configuration based on the properties store in the given parameters.- Parameters:
params
- the configuration parameters.- Returns:
- the config
-
getName
@NotNull public @NotNull java.lang.String getName()
Returns the name of this provider configuration. The default is "ldap"- Returns:
- the name.
-
setName
@NotNull public @NotNull LdapProviderConfig setName(@NotNull @NotNull java.lang.String name)
Sets the name of this provider.- Parameters:
name
- the name- Returns:
this
- See Also:
getName()
-
getHostname
@NotNull public @NotNull java.lang.String getHostname()
Configures the hostname of the LDAP server. The default is "localhost"- Returns:
- the hostname
-
setHostname
@NotNull public @NotNull LdapProviderConfig setHostname(@NotNull @NotNull java.lang.String hostname)
Sets the hostname.- Parameters:
hostname
- the hostname- Returns:
this
- See Also:
getHostname()
-
getPort
public int getPort()
Configures the port of the LDAP server. The default is 389- Returns:
- the port
-
setPort
@NotNull public @NotNull LdapProviderConfig setPort(int port)
Sets the port.- Parameters:
port
- the port- Returns:
this
- See Also:
getPort()
-
useSSL
public boolean useSSL()
Configures whether SSL connections should be used. The default is false.- Returns:
true
if SSL should be used.
-
setUseSSL
@NotNull public @NotNull LdapProviderConfig setUseSSL(boolean useSSL)
Enables SSL connections.- Parameters:
useSSL
-true
to enable SSL- Returns:
this
- See Also:
useSSL()
-
useTLS
public boolean useTLS()
Configures whether TLS connections should be used. The default is false.- Returns:
true
if TLS should be used.
-
setUseTLS
@NotNull public @NotNull LdapProviderConfig setUseTLS(boolean useTLS)
Enables TLS connections.- Parameters:
useTLS
-true
to enable TLS- Returns:
this
- See Also:
useTLS()
-
noCertCheck
public boolean noCertCheck()
Configures whether certificates on SSL/TLS connections should be validated. The default is false.- Returns:
true
if certificates should not be validated
-
setNoCertCheck
@NotNull public @NotNull LdapProviderConfig setNoCertCheck(boolean noCertCheck)
Disables certificate validation.- Parameters:
noCertCheck
-true
to disable certificate validation- Returns:
this
- See Also:
noCertCheck()
-
enabledProtocols
@Nullable public @Nullable java.lang.String[] enabledProtocols()
Configures whether enabled protocols should be set on theLdapConnectionConfig
.- Returns:
- an array of enabled protocols or null if no protocols should be explicitly enabled
-
setEnabledProtocols
@NotNull public @NotNull LdapProviderConfig setEnabledProtocols(@NotNull @NotNull java.lang.String... enabledProtocols)
Configures the enabled protocols to be set to theLdapConnectionConfig
. By default no protocols are set explicitly.- Parameters:
enabledProtocols
- The protocols to be enabled on theLdapConnectionConfig
.- Returns:
this
- See Also:
enabledProtocols()
-
getBindDN
@Nullable public @Nullable java.lang.String getBindDN()
Configures the DN that is used to bind to the LDAP server. If this value isnull
or an empty string, anonymous connections are used.- Returns:
- the bind DN or
null
.
-
setBindDN
@NotNull public @NotNull LdapProviderConfig setBindDN(@Nullable @Nullable java.lang.String bindDN)
Sets the bind DN.- Parameters:
bindDN
- the DN- Returns:
this
- See Also:
getBindDN()
-
getBindPassword
@Nullable public @Nullable java.lang.String getBindPassword()
Configures the password that is used to bind to the LDAP server. This value is not used for anonymous binds.- Returns:
- the password.
-
setBindPassword
@NotNull public @NotNull LdapProviderConfig setBindPassword(@Nullable @Nullable java.lang.String bindPassword)
Sets the bind password- Parameters:
bindPassword
- the password- Returns:
this
- See Also:
getBindPassword()
-
getSearchTimeout
public long getSearchTimeout()
Configures the timeout in milliseconds that is used for all LDAP searches. The default is "60s".- Returns:
- the timeout in milliseconds.
-
setSearchTimeout
@NotNull public @NotNull LdapProviderConfig setSearchTimeout(long searchTimeout)
Sets the search timeout.- Parameters:
searchTimeout
- the timeout in milliseconds- Returns:
this
- See Also:
getSearchTimeout()
-
getGroupMemberAttribute
@NotNull public @NotNull java.lang.String getGroupMemberAttribute()
Configures the attribute that stores the members of a group. Default is "uniquemember"- Returns:
- the group member attribute
-
setGroupMemberAttribute
@NotNull public @NotNull LdapProviderConfig setGroupMemberAttribute(@NotNull @NotNull java.lang.String groupMemberAttribute)
Sets the group member attribute.- Parameters:
groupMemberAttribute
- the attribute name- Returns:
this
- See Also:
getGroupMemberAttribute()
-
getUseUidForExtId
public boolean getUseUidForExtId()
If true, the value of the user id (resp. group name) attribute will be used to create external identifiers. Otherwise the DN will be used, which is the default.- Returns:
- true iff the value of the user id (resp. group name) attribute will be used to create external identifiers
-
setUseUidForExtId
@NotNull public @NotNull LdapProviderConfig setUseUidForExtId(boolean useUidForExtId)
Sets the flag that controls if the user id (resp. gruop name) will be used instead of the DN to create external ids.- Parameters:
useUidForExtId
- the new value of #useUidForExtId- Returns:
this
- See Also:
getUseUidForExtId()
-
getCustomAttributes
@NotNull public @NotNull java.lang.String[] getCustomAttributes()
Optionally configures an array of attribute names that will be retrieved when looking up LDAP entries. Defaults to the empty array indicating that all attributes will be retrieved.- Returns:
- an array of attribute names. The empty array indicates that all attributes will be retrieved.
-
setCustomAttributes
@NotNull public @NotNull LdapProviderConfig setCustomAttributes(@NotNull @NotNull java.lang.String[] customAttributes)
Sets the attribute names to be retrieved when looking up LDAP entries. The empty array indicates that all attributes will be retrieved.- Parameters:
customAttributes
- an array of attribute names- Returns:
- the Identity instance
-
getMemberOfSearchFilter
public java.lang.String getMemberOfSearchFilter(@NotNull @NotNull java.lang.String dn)
Returns the LDAP filter that is used when searching for groups where an identity is member of. The filter is based on the configuration and has the following format:
Note that the objectclass part is repeated according to the specified objectclasses in(&(${memberAttribute}=${dn})(objectclass=${objectclass})${extraFilter})
LdapProviderConfig.Identity.getObjectClasses()
of the group configuration.- Parameters:
dn
- the dn of the identity to search for- Returns:
- the search filter
-
getUserConfig
@NotNull public @NotNull LdapProviderConfig.Identity getUserConfig()
Returns the user specific configuration.- Returns:
- the user config.
-
getGroupConfig
@NotNull public @NotNull LdapProviderConfig.Identity getGroupConfig()
Returns the group specific configuration.- Returns:
- the groups config.
-
getAdminPoolConfig
@NotNull public @NotNull LdapProviderConfig.PoolConfig getAdminPoolConfig()
Returns the admin connection pool configuration.- Returns:
- admin pool config
-
getUserPoolConfig
@NotNull public @NotNull LdapProviderConfig.PoolConfig getUserPoolConfig()
Returns the user connection pool configuration.- Returns:
- user pool config
-
encodeFilterValue
public static java.lang.String encodeFilterValue(java.lang.String value)
Copied from org.apache.directory.api.ldap.model.filter.FilterEncoder#encodeFilterValue(java.lang.String) in order to keep this configuration LDAP client independent. Handles encoding of special characters in LDAP search filter assertion values using the <valueencoding> rule as described in RFC 4515.- Parameters:
value
- Right hand side of "attrId=value" assertion occurring in an LDAP search filter.- Returns:
- Escaped version of
value
-
toString
public java.lang.String toString()
- Overrides:
toString
in classjava.lang.Object
-
-