org.jasig.portal.security.provider
Class SimpleLdapSecurityContext

java.lang.Object
  extended by org.jasig.portal.security.provider.ChainingSecurityContext
      extended by org.jasig.portal.security.provider.SimpleLdapSecurityContext
All Implemented Interfaces:
java.io.Serializable, IConfigurableSecurityContext, ISecurityContext
Direct Known Subclasses:
CacheLdapSecurityContext

public class SimpleLdapSecurityContext
extends ChainingSecurityContext
implements IConfigurableSecurityContext

This is an implementation of a SecurityContext that checks a user's credentials against an LDAP directory. It expects to be able to bind to the LDAP directory as the user so that it can authenticate the user.

By implementing the IConfigurableSecurityContext interface this context may have properties set on it. The one property the SimpleLdapSecurityContext looks for is defined by the String LDAP_PROPERTIES_CONNECTION_NAME "connection". This property allows a specific, named, LDAP connection to be used by the context. If no "connection" property is specified the default LDAP connection returned by LdapServices is used.

Version:
$Revision: 1.27 $
Author:
Russell Tokuyama (University of Hawaii)
See Also:
Serialized Form

Nested Class Summary
 
Nested classes/interfaces inherited from class org.jasig.portal.security.provider.ChainingSecurityContext
ChainingSecurityContext.ChainingAdditionalDescriptor, ChainingSecurityContext.ChainingOpaqueCredentials, ChainingSecurityContext.ChainingPrincipal
 
Field Summary
static int ATTR_FIRSTNAME
           
static int ATTR_LASTNAME
           
static int ATTR_UID
           
private static java.lang.String[] attributes
           
private  java.util.Properties ctxProperties
           
static java.lang.String LDAP_PROPERTIES_CONNECTION_NAME
           
private static org.apache.commons.logging.Log log
           
private  int SIMPLE_LDAP_SECURITYAUTHTYPE
           
 
Fields inherited from class org.jasig.portal.security.provider.ChainingSecurityContext
isauth, myAdditionalDescriptor, myOpaqueCredentials, myOrder, myPrincipal, mySubContexts, stopWhenAuthenticated
 
Constructor Summary
SimpleLdapSecurityContext()
           
 
Method Summary
 void authenticate()
          Authenticates the user.
private  java.lang.String getAttributeValue(javax.naming.directory.Attributes attrs, int attribute)
          Return a single value of an attribute from possibly multiple values, grossly ignoring anything else.
 int getAuthType()
          Returns the type of authentication this class provides.
private  boolean isAttribute(int attribute)
          Is this a value attribute that's been requested?
 void setProperties(java.util.Properties props)
          Sets the properties to use for this security context.
 
Methods inherited from class org.jasig.portal.security.provider.ChainingSecurityContext
addSubContext, doesSubContextExist, getAdditionalDescriptor, getOpaqueCredentials, getOpaqueCredentialsInstance, getPrincipal, getPrincipalInstance, getSubContext, getSubContextNames, getSubContexts, isAuthenticated
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface org.jasig.portal.security.ISecurityContext
addSubContext, getAdditionalDescriptor, getOpaqueCredentials, getOpaqueCredentialsInstance, getPrincipal, getPrincipalInstance, getSubContext, getSubContextNames, getSubContexts, isAuthenticated
 

Field Detail

log

private static final org.apache.commons.logging.Log log

ATTR_UID

public static final int ATTR_UID
See Also:
Constant Field Values

ATTR_FIRSTNAME

public static final int ATTR_FIRSTNAME
See Also:
Constant Field Values

ATTR_LASTNAME

public static final int ATTR_LASTNAME
See Also:
Constant Field Values

SIMPLE_LDAP_SECURITYAUTHTYPE

private final int SIMPLE_LDAP_SECURITYAUTHTYPE
See Also:
Constant Field Values

attributes

private static final java.lang.String[] attributes

LDAP_PROPERTIES_CONNECTION_NAME

public static final java.lang.String LDAP_PROPERTIES_CONNECTION_NAME
See Also:
Constant Field Values

ctxProperties

private java.util.Properties ctxProperties
Constructor Detail

SimpleLdapSecurityContext

SimpleLdapSecurityContext()
Method Detail

setProperties

public void setProperties(java.util.Properties props)
Sets the properties to use for this security context.

Specified by:
setProperties in interface IConfigurableSecurityContext
Parameters:
props - The properties to set on the SecurityContext.
See Also:
IConfigurableSecurityContext.setProperties(java.util.Properties)

getAuthType

public int getAuthType()
Returns the type of authentication this class provides.

Specified by:
getAuthType in interface ISecurityContext
Returns:
authorization type

authenticate

public void authenticate()
                  throws PortalSecurityException
Authenticates the user.

Specified by:
authenticate in interface ISecurityContext
Overrides:
authenticate in class ChainingSecurityContext
Throws:
PortalSecurityException
See Also:
ISecurityContext.getPrincipalInstance(), ISecurityContext.getOpaqueCredentialsInstance()

getAttributeValue

private java.lang.String getAttributeValue(javax.naming.directory.Attributes attrs,
                                           int attribute)
                                    throws javax.naming.NamingException

Return a single value of an attribute from possibly multiple values, grossly ignoring anything else. If there are no values, then return an empty string.

Parameters:
attrs - LDAP query results
attribute - LDAP attribute we are interested in
Returns:
a single value of the attribute
Throws:
javax.naming.NamingException

isAttribute

private boolean isAttribute(int attribute)
Is this a value attribute that's been requested?

Parameters:
attribute - in question