Class SimpleLDAPAuthenticationManagerImpl
- java.lang.Object
-
- org.apache.qpid.server.model.AbstractConfiguredObject<T>
-
- org.apache.qpid.server.security.auth.manager.AbstractAuthenticationManager<SimpleLDAPAuthenticationManagerImpl>
-
- org.apache.qpid.server.security.auth.manager.SimpleLDAPAuthenticationManagerImpl
-
- All Implemented Interfaces:
EventLoggerProvider, AuthenticationProvider<SimpleLDAPAuthenticationManagerImpl>, ConfiguredObject<SimpleLDAPAuthenticationManagerImpl>, ContextProvider, PermissionedObject, TaskExecutorProvider, CachingAuthenticationProvider<SimpleLDAPAuthenticationManagerImpl>, SimpleLDAPAuthenticationManager<SimpleLDAPAuthenticationManagerImpl>, UsernamePasswordAuthenticationProvider<SimpleLDAPAuthenticationManagerImpl>
public class SimpleLDAPAuthenticationManagerImpl extends AbstractAuthenticationManager<SimpleLDAPAuthenticationManagerImpl> implements SimpleLDAPAuthenticationManager<SimpleLDAPAuthenticationManagerImpl>
Simple LDAP authentication manager. Supports username / password authentication.
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from class org.apache.qpid.server.model.AbstractConfiguredObject
AbstractConfiguredObject.CallableWithArgument<V,A>, AbstractConfiguredObject.ChainedListenableFuture<V>, AbstractConfiguredObject.ChainedSettableFuture<V>, AbstractConfiguredObject.DuplicateIdException, AbstractConfiguredObject.DuplicateNameException
-
-
Field Summary
-
Fields inherited from class org.apache.qpid.server.model.AbstractConfiguredObject
SECURED_STRING_VALUE
-
Fields inherited from interface org.apache.qpid.server.security.auth.manager.CachingAuthenticationProvider
AUTHENTICATION_CACHE_EXPIRATION_TIME, AUTHENTICATION_CACHE_ITERATION_COUNT, AUTHENTICATION_CACHE_MAX_SIZE, DEFAULT_AUTHENTICATION_CACHE_EXPIRATION_TIME, DEFAULT_AUTHENTICATION_CACHE_ITERATION_COUNT, DEFAULT_AUTHENTICATION_CACHE_MAX_SIZE
-
Fields inherited from interface org.apache.qpid.server.model.ConfiguredObject
AWAIT_ATTAINMENT_TIMEOUT, CONTEXT, CREATED_BY, CREATED_TIME, DEFAULT_AWAIT_ATTAINMENT_TIMEOUT, DESCRIPTION, DESIRED_STATE, DURABLE, ID, LAST_UPDATED_BY, LAST_UPDATED_TIME, LIFETIME_POLICY, NAME, OVER_SIZED_ATTRIBUTE_ALTERNATIVE_TEXT, STATE, TYPE
-
Fields inherited from interface org.apache.qpid.server.security.auth.manager.SimpleLDAPAuthenticationManager
AUTHENTICATION_METHOD, CLASS_DESCRIPTION, DEFAULT_LDAP_CONTEXT_FACTORY, GROUP_SEARCH_CONTEXT, GROUP_SEARCH_FILTER, LDAP_CONTEXT_FACTORY, LOGIN_CONFIG_SCOPE, LOGIN_CONFIG_SCOPE_DEFAULT, PROVIDER_AUTH_URL, PROVIDER_TYPE, PROVIDER_URL, SEARCH_CONTEXT, SEARCH_FILTER, SEARCH_PASSWORD, SEARCH_USERNAME, TRUST_STORE
-
-
Constructor Summary
Modifier Constructor Description
protected
SimpleLDAPAuthenticationManagerImpl(java.util.Map<java.lang.String,java.lang.Object> attributes, Container<?> container)
Constructor creates configured object
-
Method Summary
Modifier and Type Method Description
AuthenticationResult
authenticate(java.lang.String username, java.lang.String password)
Authenticates username / password against LDAP
SaslNegotiator
createSaslNegotiator(java.lang.String mechanism, SaslSettings saslSettings, NamedAddressSpace addressSpace)
Creates SASL negotiator based on available options
LdapAuthenticationMethod
getAuthenticationMethod()
java.lang.String
getGroupAttributeName()
java.lang.String
getGroupSearchContext()
java.lang.String
getGroupSearchFilter()
java.lang.String
getLdapContextFactory()
java.lang.String
getLoginConfigScope()
java.util.List<java.lang.String>
getMechanisms()
Gets the SASL mechanisms known to this manager.
java.lang.String
getProviderAuthUrl()
java.lang.String
getProviderUrl()
java.lang.String
getSearchContext()
java.lang.String
getSearchFilter()
java.lang.String
getSearchPassword()
java.lang.String
getSearchUsername()
java.util.List<java.lang.String>
getTlsCipherSuiteAllowList()
java.util.List<java.lang.String>
getTlsCipherSuiteDenyList()
java.util.List<java.lang.String>
getTlsProtocolAllowList()
java.util.List<java.lang.String>
getTlsProtocolDenyList()
TrustStore<?>
getTrustStore()
boolean
isBindWithoutSearch()
boolean
isGroupSubtreeSearchScope()
protected void
onOpen()
Retrieves protocol / cipher allow and deny lists from context.
java.lang.String
toString()
protected void
validateChange(ConfiguredObject<?> proxyForValidation, java.util.Set<java.lang.String> changedAttributes)
Validate changes
protected void
validateOnCreate()
Validates LDAP connectivity on creation
-
Methods inherited from class org.apache.qpid.server.security.auth.manager.AbstractAuthenticationManager
activate, getAvailableMechanisms, getDisabledMechanisms, getEventLogger, getSecureOnlyMechanisms, logCreated, logDeleted, logOperation, logRecovered, logUpdated, onValidate, startQuiesced
-
Methods inherited from class org.apache.qpid.server.model.AbstractConfiguredObject
addChangeListener, addChildAsync, addFutureCallback, applyToChildren, asObjectRecord, attainState, attributesAsString, attributeSet, authorise, authorise, authorise, authoriseCreateChild, awaitChildClassToAttainState, awaitChildClassToAttainState, beforeClose, beforeDelete, changeAttributes, childAdded, childRemoved, close, closeAsync, closeChildren, create, createAsync, createChild, createChildAsync, decryptSecrets, delete, deleteAsync, deleteChildren, deleteNoChecks, doAfter, doAfter, doAfter, doAfter, doAfter, doAfter, doAfterAlways, doAfterAlways, doCreation, doOnConfigThread, doOpening, doResolution, doSync, doSync, doValidation, findConfiguredObject, forceUpdateAllSecureAttributes, getAccessControl, getActualAttributes, getAncestor, getAttainedChildById, getAttainedChildByName, getAttribute, getAttributeNames, getCategoryClass, getChildById, getChildByName, getChildExecutor, getChildren, getContext, getContextKeys, getContextValue, getContextValue, getCreatedBy, getCreatedTime, getDescription, getDesiredState, getId, getLastOpenedTime, getLastUpdatedBy, getLastUpdatedTime, getLifetimePolicy, getModel, getName, getObjectFactory, getParent, getState, getStatistics, getStatistics, getSubjectWithAddedSystemRights, getSystemPrincipal, getSystemTaskControllerContext, getSystemTaskSubject, getSystemTaskSubject, getTaskExecutor, getType, getTypeClass, getUserPreferences, handleExceptionOnOpen, hasEncrypter, isDurable, isSystemProcess, isSystemSubject, managesChildStorage, newToken, notifyStateChanged, onClose, onCreate, onDelete, onExceptionInOpen, onResolve, open, openAsync, postResolve, postResolveChildren, postSetAttributes, registerWithParents, removeChangeListener, removeContextVariable, rethrowRuntimeExceptionsOnOpen, runTask, setAttributes, setAttributesAsync, setContextVariable, setEncrypter, setState, setUserPreferences, start, startAsync, stop, updateModel, validateChildDelete
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
-
Methods inherited from interface org.apache.qpid.server.model.AuthenticationProvider
getAvailableMechanisms, getDisabledMechanisms, getSecureOnlyMechanisms
-
Methods inherited from interface org.apache.qpid.server.model.ConfiguredObject
addChangeListener, asObjectRecord, authorise, authorise, authorise, close, closeAsync, createChild, createChildAsync, decryptSecrets, delete, deleteAsync, findConfiguredObject, getActualAttributes, getAttainedChildById, getAttainedChildByName, getAttribute, getAttributeNames, getCategoryClass, getChildById, getChildByName, getChildExecutor, getChildren, getContext, getCreatedBy, getCreatedTime, getDescription, getDesiredState, getId, getLastOpenedTime, getLastUpdatedBy, getLastUpdatedTime, getLifetimePolicy, getModel, getName, getObjectFactory, getParent, getState, getStatistics, getStatistics, getType, getTypeClass, getUserPreferences, hasEncrypter, isDurable, managesChildStorage, newToken, open, openAsync, removeChangeListener, removeContextVariable, setAttributes, setAttributesAsync, setContextVariable, setUserPreferences
-
Methods inherited from interface org.apache.qpid.server.model.ContextProvider
getContextKeys, getContextValue, getContextValue
-
Methods inherited from interface org.apache.qpid.server.logging.EventLoggerProvider
getEventLogger
-
Methods inherited from interface org.apache.qpid.server.model.TaskExecutorProvider
getTaskExecutor
-
-
-
-
Constructor Detail
-
SimpleLDAPAuthenticationManagerImpl
protected SimpleLDAPAuthenticationManagerImpl(java.util.Map<java.lang.String,java.lang.Object> attributes, Container<?> container)
Constructor creates configured object
- Parameters:
attributes - Attributes
container - Parent container
-
-
Method Detail
-
validateOnCreate
protected void validateOnCreate()
Validates LDAP connectivity on creation
- Overrides:
validateOnCreate in class AbstractConfiguredObject<SimpleLDAPAuthenticationManagerImpl>
-
validateChange
protected void validateChange(ConfiguredObject<?> proxyForValidation, java.util.Set<java.lang.String> changedAttributes)
Validate changes
- Overrides:
validateChange in class AbstractConfiguredObject<SimpleLDAPAuthenticationManagerImpl>
- Parameters:
proxyForValidation - ConfiguredObject
changedAttributes - Attribute names
-
onOpen
protected void onOpen()
Retrieves protocol / cipher allow and deny lists from context. Creates authentication result cacher.
- Overrides:
onOpen in class AbstractConfiguredObject<SimpleLDAPAuthenticationManagerImpl>
-
getProviderUrl
public java.lang.String getProviderUrl()
- Specified by:
getProviderUrl in interface SimpleLDAPAuthenticationManager<SimpleLDAPAuthenticationManagerImpl>
-
getProviderAuthUrl
public java.lang.String getProviderAuthUrl()
- Specified by:
getProviderAuthUrl in interface SimpleLDAPAuthenticationManager<SimpleLDAPAuthenticationManagerImpl>
-
getSearchContext
public java.lang.String getSearchContext()
- Specified by:
getSearchContext in interface SimpleLDAPAuthenticationManager<SimpleLDAPAuthenticationManagerImpl>
-
getSearchFilter
public java.lang.String getSearchFilter()
- Specified by:
getSearchFilter in interface SimpleLDAPAuthenticationManager<SimpleLDAPAuthenticationManagerImpl>
-
getLdapContextFactory
public java.lang.String getLdapContextFactory()
- Specified by:
getLdapContextFactory in interface SimpleLDAPAuthenticationManager<SimpleLDAPAuthenticationManagerImpl>
-
getTrustStore
public TrustStore<?> getTrustStore()
- Specified by:
getTrustStore in interface SimpleLDAPAuthenticationManager<SimpleLDAPAuthenticationManagerImpl>
-
getSearchUsername
public java.lang.String getSearchUsername()
- Specified by:
getSearchUsername in interface SimpleLDAPAuthenticationManager<SimpleLDAPAuthenticationManagerImpl>
-
getSearchPassword
public java.lang.String getSearchPassword()
- Specified by:
getSearchPassword in interface SimpleLDAPAuthenticationManager<SimpleLDAPAuthenticationManagerImpl>
-
getGroupAttributeName
public java.lang.String getGroupAttributeName()
- Specified by:
getGroupAttributeName in interface SimpleLDAPAuthenticationManager<SimpleLDAPAuthenticationManagerImpl>
-
getGroupSearchContext
public java.lang.String getGroupSearchContext()
- Specified by:
getGroupSearchContext in interface SimpleLDAPAuthenticationManager<SimpleLDAPAuthenticationManagerImpl>
-
getGroupSearchFilter
public java.lang.String getGroupSearchFilter()
- Specified by:
getGroupSearchFilter in interface SimpleLDAPAuthenticationManager<SimpleLDAPAuthenticationManagerImpl>
-
isGroupSubtreeSearchScope
public boolean isGroupSubtreeSearchScope()
- Specified by:
isGroupSubtreeSearchScope in interface SimpleLDAPAuthenticationManager<SimpleLDAPAuthenticationManagerImpl>
-
getAuthenticationMethod
public LdapAuthenticationMethod getAuthenticationMethod()
- Specified by:
getAuthenticationMethod in interface SimpleLDAPAuthenticationManager<SimpleLDAPAuthenticationManagerImpl>
-
getLoginConfigScope
public java.lang.String getLoginConfigScope()
- Specified by:
getLoginConfigScope in interface SimpleLDAPAuthenticationManager<SimpleLDAPAuthenticationManagerImpl>
-
getMechanisms
public java.util.List<java.lang.String> getMechanisms()
Description copied from interface: AuthenticationProvider
Gets the SASL mechanisms known to this manager.
- Specified by:
getMechanisms in interface AuthenticationProvider<SimpleLDAPAuthenticationManagerImpl>
- Returns:
SASL mechanism names, space separated.
-
createSaslNegotiator
public SaslNegotiator createSaslNegotiator(java.lang.String mechanism, SaslSettings saslSettings, NamedAddressSpace addressSpace)
Creates SASL negotiator based on available options
- Specified by:
createSaslNegotiator in interface AuthenticationProvider<SimpleLDAPAuthenticationManagerImpl>
- Parameters:
mechanism - Mechanism name
saslSettings - SaslSettings
addressSpace - NamedAddressSpace
- Returns:
SaslNegotiator
-
authenticate
public AuthenticationResult authenticate(java.lang.String username, java.lang.String password)
Authenticates username / password against LDAP
- Specified by:
authenticate in interface UsernamePasswordAuthenticationProvider<SimpleLDAPAuthenticationManagerImpl>
- Parameters:
username - username
password - password
- Returns:
AuthenticationResult
-
toString
public java.lang.String toString()
- Overrides:
toString in class AbstractConfiguredObject<SimpleLDAPAuthenticationManagerImpl>
-
isBindWithoutSearch
public boolean isBindWithoutSearch()
- Specified by:
isBindWithoutSearch in interface SimpleLDAPAuthenticationManager<SimpleLDAPAuthenticationManagerImpl>
-
getTlsProtocolAllowList
public java.util.List<java.lang.String> getTlsProtocolAllowList()
- Specified by:
getTlsProtocolAllowList in interface SimpleLDAPAuthenticationManager<SimpleLDAPAuthenticationManagerImpl>
-
getTlsProtocolDenyList
public java.util.List<java.lang.String> getTlsProtocolDenyList()
- Specified by:
getTlsProtocolDenyList in interface SimpleLDAPAuthenticationManager<SimpleLDAPAuthenticationManagerImpl>
-
getTlsCipherSuiteAllowList
public java.util.List<java.lang.String> getTlsCipherSuiteAllowList()
- Specified by:
getTlsCipherSuiteAllowList in interface SimpleLDAPAuthenticationManager<SimpleLDAPAuthenticationManagerImpl>
-
getTlsCipherSuiteDenyList
public java.util.List<java.lang.String> getTlsCipherSuiteDenyList()
- Specified by:
getTlsCipherSuiteDenyList in interface SimpleLDAPAuthenticationManager<SimpleLDAPAuthenticationManagerImpl>
-
-