Package net.shibboleth.idp.authn.impl
Class LDAPCredentialValidator
- java.lang.Object
-
- net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
-
- net.shibboleth.utilities.java.support.component.AbstractIdentifiedInitializableComponent
-
- net.shibboleth.idp.authn.AbstractCredentialValidator
-
- net.shibboleth.idp.authn.AbstractUsernamePasswordCredentialValidator
-
- net.shibboleth.idp.authn.impl.LDAPCredentialValidator
-
- All Implemented Interfaces:
CredentialValidator,PrincipalSupportingComponent,Component,DestructableComponent,IdentifiableComponent,IdentifiedComponent,InitializableComponent
@ThreadSafeAfterInit public class LDAPCredentialValidator extends AbstractUsernamePasswordCredentialValidator
A password validator that authenticates against LDAP natively.- Since:
- 4.0.0
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from interface net.shibboleth.idp.authn.CredentialValidator
CredentialValidator.ErrorHandler, CredentialValidator.WarningHandler
-
-
Field Summary
Fields Modifier and Type Field Description private AuthenticatorauthenticatorLDAP authenticator.private org.slf4j.LoggerlogClass logger.private Function<ProfileRequestContext,char[]>passwordLookupStrategyOptional strategy for obtaining/transforming the password.private String[]returnAttributesAttributes to return from authentication.
-
Constructor Summary
Constructors Constructor Description LDAPCredentialValidator()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected voiddoInitialize()protected SubjectdoValidate(ProfileRequestContext profileRequestContext, AuthenticationContext authenticationContext, UsernamePasswordContext usernamePasswordContext, CredentialValidator.WarningHandler warningHandler, CredentialValidator.ErrorHandler errorHandler)AuthenticatorgetAuthenticator()Returns the authenticator.String[]getReturnAttributes()Returns the return attributes.protected SubjectpopulateSubject(UsernamePasswordContext usernamePasswordContext, AuthenticationResponse ldapResponse)Builds a newSubjectpopulated with the necessary data.voidsetAuthenticator(Authenticator auth)Sets the authenticator.voidsetPasswordLookupStrategy(Function<ProfileRequestContext,char[]> strategy)Set a strategy function to produce the password to bind with.voidsetReturnAttributes(String... attributes)Sets the return attributes.-
Methods inherited from class net.shibboleth.idp.authn.AbstractUsernamePasswordCredentialValidator
applyTransforms, doValidate, populateSubject, removeContextAfterValidation, savePasswordToCredentialSet, setLowercase, setMatchExpression, setRemoveContextAfterValidation, setSavePasswordToCredentialSet, setTransforms, setTrim, setUppercase, setUsernamePasswordContextLookupStrategy
-
Methods inherited from class net.shibboleth.idp.authn.AbstractCredentialValidator
getLogPrefix, getSupportedPrincipals, isAcceptable, populateSubject, setActivationCondition, setId, setSupportedPrincipals, validate
-
Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractIdentifiedInitializableComponent
getId
-
Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
destroy, doDestroy, initialize, isDestroyed, isInitialized
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface net.shibboleth.utilities.java.support.component.IdentifiedComponent
getId
-
-
-
-
Field Detail
-
log
@Nonnull private final org.slf4j.Logger log
Class logger.
-
authenticator
@Nonnull private Authenticator authenticator
LDAP authenticator.
-
returnAttributes
@Nullable private String[] returnAttributes
Attributes to return from authentication.
-
passwordLookupStrategy
@Nullable private Function<ProfileRequestContext,char[]> passwordLookupStrategy
Optional strategy for obtaining/transforming the password.
-
-
Method Detail
-
getAuthenticator
@NonnullAfterInit public Authenticator getAuthenticator()
Returns the authenticator.- Returns:
- authenticator
-
setAuthenticator
public void setAuthenticator(@Nonnull Authenticator auth)Sets the authenticator.- Parameters:
auth- to authenticate with
-
getReturnAttributes
@Nullable public String[] getReturnAttributes()
Returns the return attributes.- Returns:
- attribute names
-
setReturnAttributes
public void setReturnAttributes(@Nullable String... attributes)Sets the return attributes.- Parameters:
attributes- attribute names
-
setPasswordLookupStrategy
public void setPasswordLookupStrategy(@Nullable Function<ProfileRequestContext,char[]> strategy)Set a strategy function to produce the password to bind with.- Parameters:
strategy- strategy function
-
doInitialize
protected void doInitialize() throws ComponentInitializationException- Overrides:
doInitializein classAbstractIdentifiedInitializableComponent- Throws:
ComponentInitializationException
-
doValidate
@Nullable protected Subject doValidate(@Nonnull ProfileRequestContext profileRequestContext, @Nonnull AuthenticationContext authenticationContext, @Nonnull UsernamePasswordContext usernamePasswordContext, @Nullable CredentialValidator.WarningHandler warningHandler, @Nullable CredentialValidator.ErrorHandler errorHandler) throws Exception
- Specified by:
doValidatein classAbstractUsernamePasswordCredentialValidator- Throws:
Exception
-
populateSubject
@Nonnull protected Subject populateSubject(@Nonnull UsernamePasswordContext usernamePasswordContext, @Nonnull AuthenticationResponse ldapResponse)
Builds a newSubjectpopulated with the necessary data.- Parameters:
usernamePasswordContext- input contextldapResponse- LDAP response data- Returns:
- the subject to return
-
-