LdapUserDetailsManager (spring-security-ldap 5.0.8.RELEASE API)

java.lang.Object
- org.springframework.security.ldap.userdetails.LdapUserDetailsManager

All Implemented Interfaces:

org.springframework.security.core.userdetails.UserDetailsService, org.springframework.security.provisioning.UserDetailsManager
```
public class LdapUserDetailsManager
extends java.lang.Object
implements org.springframework.security.provisioning.UserDetailsManager
```
An Ldap implementation of UserDetailsManager.
It is designed around a standard setup where users and groups/roles are stored under separate contexts, defined by the "userDnBase" and "groupSearchBase" properties respectively.
In this case, LDAP is being used purely to retrieve information and this class can be used in place of any other UserDetailsService for authentication. Authentication isn't performed directly against the directory, unlike with the LDAP authentication provider setup.

Since:

2.0

Constructor Summary

Constructors
Constructor and Description

LdapUserDetailsManager(org.springframework.ldap.core.ContextSource contextSource)

Constructors
Constructor and Description
`LdapUserDetailsManager(org.springframework.ldap.core.ContextSource contextSource)`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`protected void`	`addAuthorities(org.springframework.ldap.core.DistinguishedName userDn, java.util.Collection<? extends org.springframework.security.core.GrantedAuthority> authorities)`
`protected org.springframework.ldap.core.DistinguishedName`	`buildGroupDn(java.lang.String group)` Creates a DN from a group name.
`void`	`changePassword(java.lang.String oldPassword, java.lang.String newPassword)` Changes the password for the current user.
`protected void`	`copyToContext(org.springframework.security.core.userdetails.UserDetails user, org.springframework.ldap.core.DirContextAdapter ctx)`
`void`	`createUser(org.springframework.security.core.userdetails.UserDetails user)`
`void`	`deleteUser(java.lang.String username)`
`org.springframework.security.core.userdetails.UserDetails`	`loadUserByUsername(java.lang.String username)`
`protected void`	`removeAuthorities(org.springframework.ldap.core.DistinguishedName userDn, java.util.Collection<? extends org.springframework.security.core.GrantedAuthority> authorities)`
`void`	`setAttributesToRetrieve(java.lang.String[] attributesToRetrieve)`
`void`	`setGroupMemberAttributeName(java.lang.String groupMemberAttributeName)` Sets the name of the multi-valued attribute which holds the DNs of users who are members of a group.
`void`	`setGroupRoleAttributeName(java.lang.String groupRoleAttributeName)`
`void`	`setGroupSearchBase(java.lang.String groupSearchBase)`
`void`	`setPasswordAttributeName(java.lang.String passwordAttributeName)`
`void`	`setRoleMapper(org.springframework.ldap.core.AttributesMapper roleMapper)`
`void`	`setUserDetailsMapper(UserDetailsContextMapper userDetailsMapper)`
`void`	`setUsernameMapper(LdapUsernameToDnMapper usernameMapper)`
`void`	`updateUser(org.springframework.security.core.userdetails.UserDetails user)`
`boolean`	`userExists(java.lang.String username)`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

LdapUserDetailsManager

public LdapUserDetailsManager(org.springframework.ldap.core.ContextSource contextSource)

Method Detail

loadUserByUsername
```
public org.springframework.security.core.userdetails.UserDetails loadUserByUsername(java.lang.String username)
```
Specified by:

loadUserByUsername in interface org.springframework.security.core.userdetails.UserDetailsService

changePassword
```
public void changePassword(java.lang.String oldPassword,
                           java.lang.String newPassword)
```
Changes the password for the current user. The username is obtained from the security context.
If the old password is supplied, the update will be made by rebinding as the user, thus modifying the password using the user's permissions. If oldPassword is null, the update will be attempted using a standard read/write context supplied by the context source.

Specified by:

changePassword in interface org.springframework.security.provisioning.UserDetailsManager

Parameters:

oldPassword - the old password

newPassword - the new value of the password.

createUser
```
public void createUser(org.springframework.security.core.userdetails.UserDetails user)
```
Specified by:

createUser in interface org.springframework.security.provisioning.UserDetailsManager

updateUser
```
public void updateUser(org.springframework.security.core.userdetails.UserDetails user)
```
Specified by:

updateUser in interface org.springframework.security.provisioning.UserDetailsManager

deleteUser
```
public void deleteUser(java.lang.String username)
```
Specified by:

deleteUser in interface org.springframework.security.provisioning.UserDetailsManager

userExists
```
public boolean userExists(java.lang.String username)
```
Specified by:

userExists in interface org.springframework.security.provisioning.UserDetailsManager

buildGroupDn
```
protected org.springframework.ldap.core.DistinguishedName buildGroupDn(java.lang.String group)
```
Creates a DN from a group name.

Parameters:

group - the name of the group

Returns:

the DN of the corresponding group, including the groupSearchBase

copyToContext

protected void copyToContext(org.springframework.security.core.userdetails.UserDetails user,
                             org.springframework.ldap.core.DirContextAdapter ctx)

addAuthorities

protected void addAuthorities(org.springframework.ldap.core.DistinguishedName userDn,
                              java.util.Collection<? extends org.springframework.security.core.GrantedAuthority> authorities)

removeAuthorities

protected void removeAuthorities(org.springframework.ldap.core.DistinguishedName userDn,
                                 java.util.Collection<? extends org.springframework.security.core.GrantedAuthority> authorities)

setUsernameMapper

public void setUsernameMapper(LdapUsernameToDnMapper usernameMapper)

setPasswordAttributeName

public void setPasswordAttributeName(java.lang.String passwordAttributeName)

setGroupSearchBase

public void setGroupSearchBase(java.lang.String groupSearchBase)

setGroupRoleAttributeName

public void setGroupRoleAttributeName(java.lang.String groupRoleAttributeName)

setAttributesToRetrieve

public void setAttributesToRetrieve(java.lang.String[] attributesToRetrieve)

setUserDetailsMapper

public void setUserDetailsMapper(UserDetailsContextMapper userDetailsMapper)

setGroupMemberAttributeName
```
public void setGroupMemberAttributeName(java.lang.String groupMemberAttributeName)
```
Sets the name of the multi-valued attribute which holds the DNs of users who are members of a group.
Usually this will be uniquemember (the default value) or member.

Parameters:

groupMemberAttributeName - the name of the attribute used to store group members.

setRoleMapper

public void setRoleMapper(org.springframework.ldap.core.AttributesMapper roleMapper)

Class LdapUserDetailsManager

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

LdapUserDetailsManager

Method Detail

loadUserByUsername

changePassword

createUser

updateUser

deleteUser

userExists

buildGroupDn

copyToContext

addAuthorities

removeAuthorities

setUsernameMapper

setPasswordAttributeName

setGroupSearchBase

setGroupRoleAttributeName

setAttributesToRetrieve

setUserDetailsMapper

setGroupMemberAttributeName

setRoleMapper