Google Git
Sign in
apache / shiro-site / 01016f43374d9b054f3ea1e568b015d5d69428f9 / . / src / site / assets / static / 1.2.4 / apidocs / org / apache / shiro / realm / ldap / JndiLdapRealm.html
blob: 00261a5319507bedfb3d141319696ef43a199bc8 [file] [log] [blame]
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!--NewPage-->
<HTML>
<HEAD>
<!-- Generated by javadoc (build 1.6.0_65) on Fri Mar 04 17:58:56 EST 2016 -->
<META http-equiv="Content-Type" content="text/html; charset=UTF-8">
<TITLE>
JndiLdapRealm (Apache Shiro 1.2.4 API)
</TITLE>
<META NAME="date" CONTENT="2016-03-04">
<LINK REL ="stylesheet" TYPE="text/css" HREF="../../../../../stylesheet.css" TITLE="Style">
<SCRIPT type="text/javascript">
function windowTitle()
{
if (location.href.indexOf('is-external=true') == -1) {
parent.document.title="JndiLdapRealm (Apache Shiro 1.2.4 API)";
}
}
</SCRIPT>
<NOSCRIPT>
</NOSCRIPT>
</HEAD>
<BODY BGCOLOR="white" onload="windowTitle();">
<HR>
<!-- ========= START OF TOP NAVBAR ======= -->
<A NAME="navbar_top"><!-- --></A>
<A HREF="#skip-navbar_top" title="Skip navigation links"></A>
<TABLE BORDER="0" WIDTH="100%" CELLPADDING="1" CELLSPACING="0" SUMMARY="">
<TR>
<TD COLSPAN=2 BGCOLOR="#EEEEFF" CLASS="NavBarCell1">
<A NAME="navbar_top_firstrow"><!-- --></A>
<TABLE BORDER="0" CELLPADDING="0" CELLSPACING="3" SUMMARY="">
<TR ALIGN="center" VALIGN="top">
<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../../overview-summary.html"><FONT CLASS="NavBarFont1"><B>Overview</B></FONT></A>&nbsp;</TD>
<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="package-summary.html"><FONT CLASS="NavBarFont1"><B>Package</B></FONT></A>&nbsp;</TD>
<TD BGCOLOR="#FFFFFF" CLASS="NavBarCell1Rev"> &nbsp;<FONT CLASS="NavBarFont1Rev"><B>Class</B></FONT>&nbsp;</TD>
<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="class-use/JndiLdapRealm.html"><FONT CLASS="NavBarFont1"><B>Use</B></FONT></A>&nbsp;</TD>
<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="package-tree.html"><FONT CLASS="NavBarFont1"><B>Tree</B></FONT></A>&nbsp;</TD>
<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../../deprecated-list.html"><FONT CLASS="NavBarFont1"><B>Deprecated</B></FONT></A>&nbsp;</TD>
<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../../index-all.html"><FONT CLASS="NavBarFont1"><B>Index</B></FONT></A>&nbsp;</TD>
<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../../help-doc.html"><FONT CLASS="NavBarFont1"><B>Help</B></FONT></A>&nbsp;</TD>
</TR>
</TABLE>
</TD>
<TD ALIGN="right" VALIGN="top" ROWSPAN=3><EM>
</EM>
</TD>
</TR>
<TR>
<TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2">
&nbsp;<A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapContextFactory.html" title="class in org.apache.shiro.realm.ldap"><B>PREV CLASS</B></A>&nbsp;
&nbsp;<A HREF="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html" title="interface in org.apache.shiro.realm.ldap"><B>NEXT CLASS</B></A></FONT></TD>
<TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2">
<A HREF="../../../../../index.html?org/apache/shiro/realm/ldap/JndiLdapRealm.html" target="_top"><B>FRAMES</B></A> &nbsp;
&nbsp;<A HREF="JndiLdapRealm.html" target="_top"><B>NO FRAMES</B></A> &nbsp;
&nbsp;<SCRIPT type="text/javascript">
<!--
if(window==top) {
document.writeln('<A HREF="../../../../../allclasses-noframe.html"><B>All Classes</B></A>');
}
//-->
</SCRIPT>
<NOSCRIPT>
<A HREF="../../../../../allclasses-noframe.html"><B>All Classes</B></A>
</NOSCRIPT>
</FONT></TD>
</TR>
<TR>
<TD VALIGN="top" CLASS="NavBarCell3"><FONT SIZE="-2">
SUMMARY:&nbsp;NESTED&nbsp;|&nbsp;FIELD&nbsp;|&nbsp;<A HREF="#constructor_summary">CONSTR</A>&nbsp;|&nbsp;<A HREF="#method_summary">METHOD</A></FONT></TD>
<TD VALIGN="top" CLASS="NavBarCell3"><FONT SIZE="-2">
DETAIL:&nbsp;FIELD&nbsp;|&nbsp;<A HREF="#constructor_detail">CONSTR</A>&nbsp;|&nbsp;<A HREF="#method_detail">METHOD</A></FONT></TD>
</TR>
</TABLE>
<A NAME="skip-navbar_top"></A>
<!-- ========= END OF TOP NAVBAR ========= -->
<HR>
<!-- ======== START OF CLASS DATA ======== -->
<H2>
<FONT SIZE="-1">
org.apache.shiro.realm.ldap</FONT>
<BR>
Class JndiLdapRealm</H2>
<PRE>
<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">java.lang.Object</A>
<IMG SRC="../../../../../resources/inherit.gif" ALT="extended by "><A HREF="../../../../../org/apache/shiro/realm/CachingRealm.html" title="class in org.apache.shiro.realm">org.apache.shiro.realm.CachingRealm</A>
<IMG SRC="../../../../../resources/inherit.gif" ALT="extended by "><A HREF="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html" title="class in org.apache.shiro.realm">org.apache.shiro.realm.AuthenticatingRealm</A>
<IMG SRC="../../../../../resources/inherit.gif" ALT="extended by "><A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html" title="class in org.apache.shiro.realm">org.apache.shiro.realm.AuthorizingRealm</A>
<IMG SRC="../../../../../resources/inherit.gif" ALT="extended by "><B>org.apache.shiro.realm.ldap.JndiLdapRealm</B>
</PRE>
<DL>
<DT><B>All Implemented Interfaces:</B> <DD><A HREF="../../../../../org/apache/shiro/authc/LogoutAware.html" title="interface in org.apache.shiro.authc">LogoutAware</A>, <A HREF="../../../../../org/apache/shiro/authz/Authorizer.html" title="interface in org.apache.shiro.authz">Authorizer</A>, <A HREF="../../../../../org/apache/shiro/authz/permission/PermissionResolverAware.html" title="interface in org.apache.shiro.authz.permission">PermissionResolverAware</A>, <A HREF="../../../../../org/apache/shiro/authz/permission/RolePermissionResolverAware.html" title="interface in org.apache.shiro.authz.permission">RolePermissionResolverAware</A>, <A HREF="../../../../../org/apache/shiro/cache/CacheManagerAware.html" title="interface in org.apache.shiro.cache">CacheManagerAware</A>, <A HREF="../../../../../org/apache/shiro/realm/Realm.html" title="interface in org.apache.shiro.realm">Realm</A>, <A HREF="../../../../../org/apache/shiro/util/Initializable.html" title="interface in org.apache.shiro.util">Initializable</A>, <A HREF="../../../../../org/apache/shiro/util/Nameable.html" title="interface in org.apache.shiro.util">Nameable</A></DD>
</DL>
<HR>
<DL>
<DT><PRE>public class <A HREF="../../../../../src-html/org/apache/shiro/realm/ldap/JndiLdapRealm.html#line.84"><B>JndiLdapRealm</B></A><DT>extends <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html" title="class in org.apache.shiro.realm">AuthorizingRealm</A></DL>
</PRE>
<P>
An LDAP <A HREF="../../../../../org/apache/shiro/realm/Realm.html" title="interface in org.apache.shiro.realm"><CODE>Realm</CODE></A> implementation utilizing Sun's/Oracle's
<a href="http://download-llnw.oracle.com/javase/tutorial/jndi/ldap/jndi.html">JNDI API as an LDAP API</a>. This is
Shiro's default implementation for supporting LDAP, as using the JNDI API has been a common approach for Java LDAP
support for many years.
<p/>
This realm implementation and its backing <A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapContextFactory.html" title="class in org.apache.shiro.realm.ldap"><CODE>JndiLdapContextFactory</CODE></A> should cover 99% of all Shiro-related LDAP
authentication and authorization needs. However, if it does not suit your needs, you might want to look into
creating your own realm using an alternative, perhaps more robust, LDAP communication API, such as the
<a href="http://directory.apache.org/api/">Apache LDAP API</a>.
<h2>Authentication</h2>
During an authentication attempt, if the submitted <code>AuthenticationToken</code>'s
<A HREF="../../../../../org/apache/shiro/authc/AuthenticationToken.html#getPrincipal()"><CODE>principal</CODE></A> is a simple username, but the
LDAP directory expects a complete User Distinguished Name (User DN) to establish a connection, the
<A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#setUserDnTemplate(java.lang.String)"><CODE>userDnTemplate</CODE></A> property must be configured. If not configured,
the property will pass the simple username directly as the User DN, which is often incorrect in most LDAP
environments (maybe Microsoft ActiveDirectory being the exception).
<h2>Authorization</h2>
By default, authorization is effectively disabled due to the default
<A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#doGetAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection)"><CODE>doGetAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection)</CODE></A> implementation returning <code>null</code>.
If you wish to perform authorization based on an LDAP schema, you must subclass this one
and override that method to reflect your organization's data model.
<h2>Configuration</h2>
This class primarily provides the <A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#setUserDnTemplate(java.lang.String)"><CODE>userDnTemplate</CODE></A> property to allow you to specify
the your LDAP server's User DN format. Most other configuration is performed via the nested
<A HREF="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html" title="interface in org.apache.shiro.realm.ldap"><CODE>contextFactory</CODE></A> property.
<p/>
For example, defining this realm in Shiro .ini:
<pre>
[main]
ldapRealm = org.apache.shiro.realm.ldap.JndiLdapRealm
ldapRealm.userDnTemplate = uid={0},ou=users,dc=mycompany,dc=com
ldapRealm.contextFactory.url = ldap://ldapHost:389
ldapRealm.contextFactory.authenticationMechanism = DIGEST-MD5
ldapRealm.contextFactory.environment[some.obscure.jndi.key] = some value
...
</pre>
The default <A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#setContextFactory(org.apache.shiro.realm.ldap.LdapContextFactory)"><CODE>contextFactory</CODE></A> instance is a <A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapContextFactory.html" title="class in org.apache.shiro.realm.ldap"><CODE>JndiLdapContextFactory</CODE></A>. See that
class's JavaDoc for more information on configuring the LDAP connection as well as specifying JNDI environment
properties as necessary.
<P>
<P>
<DL>
<DT><B>Since:</B></DT>
<DD>1.1</DD>
<DT><B>See Also:</B><DD><A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapContextFactory.html" title="class in org.apache.shiro.realm.ldap"><CODE>JndiLdapContextFactory</CODE></A></DL>
<HR>
<P>
<!-- ======== CONSTRUCTOR SUMMARY ======== -->
<A NAME="constructor_summary"><!-- --></A>
<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
<TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor">
<TH ALIGN="left" COLSPAN="2"><FONT SIZE="+2">
<B>Constructor Summary</B></FONT></TH>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD><CODE><B><A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#JndiLdapRealm()">JndiLdapRealm</A></B>()</CODE>
<BR>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Default no-argument constructor that defaults the internal <A HREF="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html" title="interface in org.apache.shiro.realm.ldap"><CODE>LdapContextFactory</CODE></A> instance to a
<A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapContextFactory.html" title="class in org.apache.shiro.realm.ldap"><CODE>JndiLdapContextFactory</CODE></A>.</TD>
</TR>
</TABLE>
&nbsp;
<!-- ========== METHOD SUMMARY =========== -->
<A NAME="method_summary"><!-- --></A>
<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
<TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor">
<TH ALIGN="left" COLSPAN="2"><FONT SIZE="+2">
<B>Method Summary</B></FONT></TH>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1">
<CODE>protected &nbsp;<A HREF="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc">AuthenticationInfo</A></CODE></FONT></TD>
<TD><CODE><B><A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#createAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken, java.lang.Object, java.lang.Object, javax.naming.ldap.LdapContext)">createAuthenticationInfo</A></B>(<A HREF="../../../../../org/apache/shiro/authc/AuthenticationToken.html" title="interface in org.apache.shiro.authc">AuthenticationToken</A>&nbsp;token,
<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</A>&nbsp;ldapPrincipal,
<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</A>&nbsp;ldapCredentials,
<A HREF="http://java.sun.com/javase/6/docs/api/javax/naming/ldap/LdapContext.html?is-external=true" title="class or interface in javax.naming.ldap">LdapContext</A>&nbsp;ldapContext)</CODE>
<BR>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Returns the <A HREF="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc"><CODE>AuthenticationInfo</CODE></A> resulting from a Subject's successful LDAP authentication attempt.</TD>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1">
<CODE>protected &nbsp;<A HREF="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc">AuthenticationInfo</A></CODE></FONT></TD>
<TD><CODE><B><A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#doGetAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken)">doGetAuthenticationInfo</A></B>(<A HREF="../../../../../org/apache/shiro/authc/AuthenticationToken.html" title="interface in org.apache.shiro.authc">AuthenticationToken</A>&nbsp;token)</CODE>
<BR>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Delegates to <A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#queryForAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken, org.apache.shiro.realm.ldap.LdapContextFactory)"><CODE>queryForAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken, LdapContextFactory)</CODE></A>,
wrapping any <A HREF="http://java.sun.com/javase/6/docs/api/javax/naming/NamingException.html?is-external=true" title="class or interface in javax.naming"><CODE>NamingException</CODE></A>s in a Shiro <A HREF="../../../../../org/apache/shiro/authc/AuthenticationException.html" title="class in org.apache.shiro.authc"><CODE>AuthenticationException</CODE></A> to satisfy the parent method
signature.</TD>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1">
<CODE>protected &nbsp;<A HREF="../../../../../org/apache/shiro/authz/AuthorizationInfo.html" title="interface in org.apache.shiro.authz">AuthorizationInfo</A></CODE></FONT></TD>
<TD><CODE><B><A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#doGetAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection)">doGetAuthorizationInfo</A></B>(<A HREF="../../../../../org/apache/shiro/subject/PrincipalCollection.html" title="interface in org.apache.shiro.subject">PrincipalCollection</A>&nbsp;principals)</CODE>
<BR>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Retrieves the AuthorizationInfo for the given principals from the underlying data store.</TD>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1">
<CODE>&nbsp;<A HREF="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html" title="interface in org.apache.shiro.realm.ldap">LdapContextFactory</A></CODE></FONT></TD>
<TD><CODE><B><A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#getContextFactory()">getContextFactory</A></B>()</CODE>
<BR>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Returns the LdapContextFactory instance used to acquire connections to the LDAP directory during authentication
attempts and authorization queries.</TD>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1">
<CODE>protected &nbsp;<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</A></CODE></FONT></TD>
<TD><CODE><B><A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#getLdapPrincipal(org.apache.shiro.authc.AuthenticationToken)">getLdapPrincipal</A></B>(<A HREF="../../../../../org/apache/shiro/authc/AuthenticationToken.html" title="interface in org.apache.shiro.authc">AuthenticationToken</A>&nbsp;token)</CODE>
<BR>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Returns the principal to use when creating the LDAP connection for an authentication attempt.</TD>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1">
<CODE>protected &nbsp;<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD>
<TD><CODE><B><A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#getUserDn(java.lang.String)">getUserDn</A></B>(<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A>&nbsp;principal)</CODE>
<BR>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Returns the LDAP User Distinguished Name (DN) to use when acquiring an
<A HREF="http://java.sun.com/javase/6/docs/api/javax/naming/ldap/LdapContext.html?is-external=true" title="class or interface in javax.naming.ldap"><CODE>LdapContext</CODE></A> from the <A HREF="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html" title="interface in org.apache.shiro.realm.ldap"><CODE>LdapContextFactory</CODE></A>.</TD>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1">
<CODE>protected &nbsp;<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD>
<TD><CODE><B><A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#getUserDnPrefix()">getUserDnPrefix</A></B>()</CODE>
<BR>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Returns the User DN prefix to use when building a runtime User DN value or <code>null</code> if no
<A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#getUserDnTemplate()"><CODE>userDnTemplate</CODE></A> has been configured.</TD>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1">
<CODE>protected &nbsp;<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD>
<TD><CODE><B><A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#getUserDnSuffix()">getUserDnSuffix</A></B>()</CODE>
<BR>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Returns the User DN suffix to use when building a runtime User DN value.</TD>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1">
<CODE>&nbsp;<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD>
<TD><CODE><B><A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#getUserDnTemplate()">getUserDnTemplate</A></B>()</CODE>
<BR>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Returns the User Distinguished Name (DN) template to use when creating User DNs at runtime - see the
<A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#setUserDnTemplate(java.lang.String)"><CODE>setUserDnTemplate</CODE></A> JavaDoc for a full explanation.</TD>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1">
<CODE>protected &nbsp;<A HREF="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc">AuthenticationInfo</A></CODE></FONT></TD>
<TD><CODE><B><A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#queryForAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken, org.apache.shiro.realm.ldap.LdapContextFactory)">queryForAuthenticationInfo</A></B>(<A HREF="../../../../../org/apache/shiro/authc/AuthenticationToken.html" title="interface in org.apache.shiro.authc">AuthenticationToken</A>&nbsp;token,
<A HREF="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html" title="interface in org.apache.shiro.realm.ldap">LdapContextFactory</A>&nbsp;ldapContextFactory)</CODE>
<BR>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;This implementation opens an LDAP connection using the token's
<A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#getLdapPrincipal(org.apache.shiro.authc.AuthenticationToken)"><CODE>discovered principal</CODE></A> and provided
<A HREF="../../../../../org/apache/shiro/authc/AuthenticationToken.html#getCredentials()"><CODE>credentials</CODE></A>.</TD>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1">
<CODE>protected &nbsp;<A HREF="../../../../../org/apache/shiro/authz/AuthorizationInfo.html" title="interface in org.apache.shiro.authz">AuthorizationInfo</A></CODE></FONT></TD>
<TD><CODE><B><A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#queryForAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection, org.apache.shiro.realm.ldap.LdapContextFactory)">queryForAuthorizationInfo</A></B>(<A HREF="../../../../../org/apache/shiro/subject/PrincipalCollection.html" title="interface in org.apache.shiro.subject">PrincipalCollection</A>&nbsp;principals,
<A HREF="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html" title="interface in org.apache.shiro.realm.ldap">LdapContextFactory</A>&nbsp;ldapContextFactory)</CODE>
<BR>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Method that should be implemented by subclasses to build an
<A HREF="../../../../../org/apache/shiro/authz/AuthorizationInfo.html" title="interface in org.apache.shiro.authz"><CODE>AuthorizationInfo</CODE></A> object by querying the LDAP context for the
specified principal.</TD>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1">
<CODE>&nbsp;void</CODE></FONT></TD>
<TD><CODE><B><A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#setContextFactory(org.apache.shiro.realm.ldap.LdapContextFactory)">setContextFactory</A></B>(<A HREF="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html" title="interface in org.apache.shiro.realm.ldap">LdapContextFactory</A>&nbsp;contextFactory)</CODE>
<BR>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Sets the LdapContextFactory instance used to acquire connections to the LDAP directory during authentication
attempts and authorization queries.</TD>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1">
<CODE>&nbsp;void</CODE></FONT></TD>
<TD><CODE><B><A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#setUserDnTemplate(java.lang.String)">setUserDnTemplate</A></B>(<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A>&nbsp;template)</CODE>
<BR>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Sets the User Distinguished Name (DN) template to use when creating User DNs at runtime.</TD>
</TR>
</TABLE>
&nbsp;<A NAME="methods_inherited_from_class_org.apache.shiro.realm.AuthorizingRealm"><!-- --></A>
<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
<TR BGCOLOR="#EEEEFF" CLASS="TableSubHeadingColor">
<TH ALIGN="left"><B>Methods inherited from class org.apache.shiro.realm.<A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html" title="class in org.apache.shiro.realm">AuthorizingRealm</A></B></TH>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD><CODE><A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#afterCacheManagerSet()">afterCacheManagerSet</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#checkPermission(org.apache.shiro.authz.Permission, org.apache.shiro.authz.AuthorizationInfo)">checkPermission</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#checkPermission(org.apache.shiro.subject.PrincipalCollection, org.apache.shiro.authz.Permission)">checkPermission</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#checkPermission(org.apache.shiro.subject.PrincipalCollection, java.lang.String)">checkPermission</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#checkPermissions(java.util.Collection, org.apache.shiro.authz.AuthorizationInfo)">checkPermissions</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#checkPermissions(org.apache.shiro.subject.PrincipalCollection, java.util.Collection)">checkPermissions</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#checkPermissions(org.apache.shiro.subject.PrincipalCollection, java.lang.String...)">checkPermissions</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#checkRole(org.apache.shiro.subject.PrincipalCollection, java.lang.String)">checkRole</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#checkRole(java.lang.String, org.apache.shiro.authz.AuthorizationInfo)">checkRole</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#checkRoles(java.util.Collection, org.apache.shiro.authz.AuthorizationInfo)">checkRoles</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#checkRoles(org.apache.shiro.subject.PrincipalCollection, java.util.Collection)">checkRoles</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#checkRoles(org.apache.shiro.subject.PrincipalCollection, java.lang.String...)">checkRoles</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#clearCachedAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection)">clearCachedAuthorizationInfo</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#doClearCache(org.apache.shiro.subject.PrincipalCollection)">doClearCache</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#getAuthorizationCache()">getAuthorizationCache</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#getAuthorizationCacheKey(org.apache.shiro.subject.PrincipalCollection)">getAuthorizationCacheKey</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#getAuthorizationCacheName()">getAuthorizationCacheName</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#getAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection)">getAuthorizationInfo</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#getPermissionResolver()">getPermissionResolver</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#getPermissions(org.apache.shiro.authz.AuthorizationInfo)">getPermissions</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#getRolePermissionResolver()">getRolePermissionResolver</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#hasAllRoles(org.apache.shiro.subject.PrincipalCollection, java.util.Collection)">hasAllRoles</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#hasRole(org.apache.shiro.subject.PrincipalCollection, java.lang.String)">hasRole</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#hasRole(java.lang.String, org.apache.shiro.authz.AuthorizationInfo)">hasRole</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#hasRoles(java.util.List, org.apache.shiro.authz.AuthorizationInfo)">hasRoles</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#hasRoles(org.apache.shiro.subject.PrincipalCollection, java.util.List)">hasRoles</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#isAuthorizationCachingEnabled()">isAuthorizationCachingEnabled</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#isPermitted(java.util.List, org.apache.shiro.authz.AuthorizationInfo)">isPermitted</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#isPermitted(org.apache.shiro.authz.Permission, org.apache.shiro.authz.AuthorizationInfo)">isPermitted</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#isPermitted(org.apache.shiro.subject.PrincipalCollection, java.util.List)">isPermitted</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#isPermitted(org.apache.shiro.subject.PrincipalCollection, org.apache.shiro.authz.Permission)">isPermitted</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#isPermitted(org.apache.shiro.subject.PrincipalCollection, java.lang.String...)">isPermitted</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#isPermitted(org.apache.shiro.subject.PrincipalCollection, java.lang.String)">isPermitted</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#isPermittedAll(java.util.Collection, org.apache.shiro.authz.AuthorizationInfo)">isPermittedAll</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#isPermittedAll(org.apache.shiro.subject.PrincipalCollection, java.util.Collection)">isPermittedAll</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#isPermittedAll(org.apache.shiro.subject.PrincipalCollection, java.lang.String...)">isPermittedAll</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#onInit()">onInit</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#setAuthorizationCache(org.apache.shiro.cache.Cache)">setAuthorizationCache</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#setAuthorizationCacheName(java.lang.String)">setAuthorizationCacheName</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#setAuthorizationCachingEnabled(boolean)">setAuthorizationCachingEnabled</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#setName(java.lang.String)">setName</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#setPermissionResolver(org.apache.shiro.authz.permission.PermissionResolver)">setPermissionResolver</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#setRolePermissionResolver(org.apache.shiro.authz.permission.RolePermissionResolver)">setRolePermissionResolver</A></CODE></TD>
</TR>
</TABLE>
&nbsp;<A NAME="methods_inherited_from_class_org.apache.shiro.realm.AuthenticatingRealm"><!-- --></A>
<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
<TR BGCOLOR="#EEEEFF" CLASS="TableSubHeadingColor">
<TH ALIGN="left"><B>Methods inherited from class org.apache.shiro.realm.<A HREF="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html" title="class in org.apache.shiro.realm">AuthenticatingRealm</A></B></TH>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD><CODE><A HREF="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#assertCredentialsMatch(org.apache.shiro.authc.AuthenticationToken, org.apache.shiro.authc.AuthenticationInfo)">assertCredentialsMatch</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#clearCachedAuthenticationInfo(org.apache.shiro.subject.PrincipalCollection)">clearCachedAuthenticationInfo</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#getAuthenticationCache()">getAuthenticationCache</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#getAuthenticationCacheKey(org.apache.shiro.authc.AuthenticationToken)">getAuthenticationCacheKey</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#getAuthenticationCacheKey(org.apache.shiro.subject.PrincipalCollection)">getAuthenticationCacheKey</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#getAuthenticationCacheName()">getAuthenticationCacheName</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#getAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken)">getAuthenticationInfo</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#getAuthenticationTokenClass()">getAuthenticationTokenClass</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#getCredentialsMatcher()">getCredentialsMatcher</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#init()">init</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#isAuthenticationCachingEnabled()">isAuthenticationCachingEnabled</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#isAuthenticationCachingEnabled(org.apache.shiro.authc.AuthenticationToken, org.apache.shiro.authc.AuthenticationInfo)">isAuthenticationCachingEnabled</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#setAuthenticationCache(org.apache.shiro.cache.Cache)">setAuthenticationCache</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#setAuthenticationCacheName(java.lang.String)">setAuthenticationCacheName</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#setAuthenticationCachingEnabled(boolean)">setAuthenticationCachingEnabled</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#setAuthenticationTokenClass(java.lang.Class)">setAuthenticationTokenClass</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#setCredentialsMatcher(org.apache.shiro.authc.credential.CredentialsMatcher)">setCredentialsMatcher</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#supports(org.apache.shiro.authc.AuthenticationToken)">supports</A></CODE></TD>
</TR>
</TABLE>
&nbsp;<A NAME="methods_inherited_from_class_org.apache.shiro.realm.CachingRealm"><!-- --></A>
<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
<TR BGCOLOR="#EEEEFF" CLASS="TableSubHeadingColor">
<TH ALIGN="left"><B>Methods inherited from class org.apache.shiro.realm.<A HREF="../../../../../org/apache/shiro/realm/CachingRealm.html" title="class in org.apache.shiro.realm">CachingRealm</A></B></TH>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD><CODE><A HREF="../../../../../org/apache/shiro/realm/CachingRealm.html#clearCache(org.apache.shiro.subject.PrincipalCollection)">clearCache</A>, <A HREF="../../../../../org/apache/shiro/realm/CachingRealm.html#getAvailablePrincipal(org.apache.shiro.subject.PrincipalCollection)">getAvailablePrincipal</A>, <A HREF="../../../../../org/apache/shiro/realm/CachingRealm.html#getCacheManager()">getCacheManager</A>, <A HREF="../../../../../org/apache/shiro/realm/CachingRealm.html#getName()">getName</A>, <A HREF="../../../../../org/apache/shiro/realm/CachingRealm.html#isCachingEnabled()">isCachingEnabled</A>, <A HREF="../../../../../org/apache/shiro/realm/CachingRealm.html#onLogout(org.apache.shiro.subject.PrincipalCollection)">onLogout</A>, <A HREF="../../../../../org/apache/shiro/realm/CachingRealm.html#setCacheManager(org.apache.shiro.cache.CacheManager)">setCacheManager</A>, <A HREF="../../../../../org/apache/shiro/realm/CachingRealm.html#setCachingEnabled(boolean)">setCachingEnabled</A></CODE></TD>
</TR>
</TABLE>
&nbsp;<A NAME="methods_inherited_from_class_java.lang.Object"><!-- --></A>
<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
<TR BGCOLOR="#EEEEFF" CLASS="TableSubHeadingColor">
<TH ALIGN="left"><B>Methods inherited from class java.lang.<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</A></B></TH>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD><CODE><A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#clone()" title="class or interface in java.lang">clone</A>, <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#equals(java.lang.Object)" title="class or interface in java.lang">equals</A>, <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#finalize()" title="class or interface in java.lang">finalize</A>, <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#getClass()" title="class or interface in java.lang">getClass</A>, <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#hashCode()" title="class or interface in java.lang">hashCode</A>, <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#notify()" title="class or interface in java.lang">notify</A>, <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#notifyAll()" title="class or interface in java.lang">notifyAll</A>, <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#toString()" title="class or interface in java.lang">toString</A>, <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#wait()" title="class or interface in java.lang">wait</A>, <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#wait(long)" title="class or interface in java.lang">wait</A>, <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#wait(long, int)" title="class or interface in java.lang">wait</A></CODE></TD>
</TR>
</TABLE>
&nbsp;<A NAME="methods_inherited_from_class_org.apache.shiro.util.Initializable"><!-- --></A>
<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
<TR BGCOLOR="#EEEEFF" CLASS="TableSubHeadingColor">
<TH ALIGN="left"><B>Methods inherited from interface org.apache.shiro.util.<A HREF="../../../../../org/apache/shiro/util/Initializable.html" title="interface in org.apache.shiro.util">Initializable</A></B></TH>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD><CODE><A HREF="../../../../../org/apache/shiro/util/Initializable.html#init()">init</A></CODE></TD>
</TR>
</TABLE>
&nbsp;
<P>
<!-- ========= CONSTRUCTOR DETAIL ======== -->
<A NAME="constructor_detail"><!-- --></A>
<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
<TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor">
<TH ALIGN="left" COLSPAN="1"><FONT SIZE="+2">
<B>Constructor Detail</B></FONT></TH>
</TR>
</TABLE>
<A NAME="JndiLdapRealm()"><!-- --></A><H3>
JndiLdapRealm</H3>
<PRE>
public <A HREF="../../../../../src-html/org/apache/shiro/realm/ldap/JndiLdapRealm.html#line.111"><B>JndiLdapRealm</B></A>()</PRE>
<DL>
<DD>Default no-argument constructor that defaults the internal <A HREF="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html" title="interface in org.apache.shiro.realm.ldap"><CODE>LdapContextFactory</CODE></A> instance to a
<A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapContextFactory.html" title="class in org.apache.shiro.realm.ldap"><CODE>JndiLdapContextFactory</CODE></A>.
<P>
</DL>
<!-- ============ METHOD DETAIL ========== -->
<A NAME="method_detail"><!-- --></A>
<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
<TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor">
<TH ALIGN="left" COLSPAN="1"><FONT SIZE="+2">
<B>Method Detail</B></FONT></TH>
</TR>
</TABLE>
<A NAME="getUserDnPrefix()"><!-- --></A><H3>
getUserDnPrefix</H3>
<PRE>
protected <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <A HREF="../../../../../src-html/org/apache/shiro/realm/ldap/JndiLdapRealm.html#line.131"><B>getUserDnPrefix</B></A>()</PRE>
<DL>
<DD>Returns the User DN prefix to use when building a runtime User DN value or <code>null</code> if no
<A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#getUserDnTemplate()"><CODE>userDnTemplate</CODE></A> has been configured. If configured, this value is the text that
occurs before the <A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#USERDN_SUBSTITUTION_TOKEN"><CODE>USERDN_SUBSTITUTION_TOKEN</CODE></A> in the <A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#getUserDnTemplate()"><CODE>userDnTemplate</CODE></A> value.
<P>
<DD><DL>
<DT><B>Returns:</B><DD>the the User DN prefix to use when building a runtime User DN value or <code>null</code> if no
<A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#getUserDnTemplate()"><CODE>userDnTemplate</CODE></A> has been configured.</DL>
</DD>
</DL>
<HR>
<A NAME="getUserDnSuffix()"><!-- --></A><H3>
getUserDnSuffix</H3>
<PRE>
protected <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <A HREF="../../../../../src-html/org/apache/shiro/realm/ldap/JndiLdapRealm.html#line.143"><B>getUserDnSuffix</B></A>()</PRE>
<DL>
<DD>Returns the User DN suffix to use when building a runtime User DN value. or <code>null</code> if no
<A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#getUserDnTemplate()"><CODE>userDnTemplate</CODE></A> has been configured. If configured, this value is the text that
occurs after the <A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#USERDN_SUBSTITUTION_TOKEN"><CODE>USERDN_SUBSTITUTION_TOKEN</CODE></A> in the <A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#getUserDnTemplate()"><CODE>userDnTemplate</CODE></A> value.
<P>
<DD><DL>
<DT><B>Returns:</B><DD>the User DN suffix to use when building a runtime User DN value or <code>null</code> if no
<A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#getUserDnTemplate()"><CODE>userDnTemplate</CODE></A> has been configured.</DL>
</DD>
</DL>
<HR>
<A NAME="setUserDnTemplate(java.lang.String)"><!-- --></A><H3>
setUserDnTemplate</H3>
<PRE>
public void <A HREF="../../../../../src-html/org/apache/shiro/realm/ldap/JndiLdapRealm.html#line.181"><B>setUserDnTemplate</B></A>(<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A>&nbsp;template)
throws <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/IllegalArgumentException.html?is-external=true" title="class or interface in java.lang">IllegalArgumentException</A></PRE>
<DL>
<DD>Sets the User Distinguished Name (DN) template to use when creating User DNs at runtime. A User DN is an LDAP
fully-qualified unique user identifier which is required to establish a connection with the LDAP
directory to authenticate users and query for authorization information.
<h2>Usage</h2>
User DN formats are unique to the LDAP directory's schema, and each environment differs - you will need to
specify the format corresponding to your directory. You do this by specifying the full User DN as normal, but
but you use a <b><code>{0}</code></b> placeholder token in the string representing the location where the
user's submitted principal (usually a username or uid) will be substituted at runtime.
<p/>
For example, if your directory
uses an LDAP <code>uid</code> attribute to represent usernames, the User DN for the <code>jsmith</code> user may look like
this:
<p/>
<pre>uid=jsmith,ou=users,dc=mycompany,dc=com</pre>
<p/>
in which case you would set this property with the following template value:
<p/>
<pre>uid=<b>{0}</b>,ou=users,dc=mycompany,dc=com</pre>
<p/>
If no template is configured, the raw <code>AuthenticationToken</code>
<A HREF="../../../../../org/apache/shiro/authc/AuthenticationToken.html#getPrincipal()"><CODE>principal</CODE></A> will be used as the LDAP principal. This is likely
incorrect as most LDAP directories expect a fully-qualified User DN as opposed to the raw uid or username. So,
ensure you set this property to match your environment!
<P>
<DD><DL>
<DT><B>Parameters:</B><DD><CODE>template</CODE> - the User Distinguished Name template to use for runtime substitution
<DT><B>Throws:</B>
<DD><CODE><A HREF="http://java.sun.com/javase/6/docs/api/java/lang/IllegalArgumentException.html?is-external=true" title="class or interface in java.lang">IllegalArgumentException</A></CODE> - if the template is null, empty, or does not contain the
<code>{0}</code> substitution token.<DT><B>See Also:</B><DD><A HREF="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html#getLdapContext(java.lang.Object, java.lang.Object)"><CODE>LdapContextFactory.getLdapContext(Object,Object)</CODE></A></DL>
</DD>
</DL>
<HR>
<A NAME="getUserDnTemplate()"><!-- --></A><H3>
getUserDnTemplate</H3>
<PRE>
public <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <A HREF="../../../../../src-html/org/apache/shiro/realm/ldap/JndiLdapRealm.html#line.208"><B>getUserDnTemplate</B></A>()</PRE>
<DL>
<DD>Returns the User Distinguished Name (DN) template to use when creating User DNs at runtime - see the
<A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#setUserDnTemplate(java.lang.String)"><CODE>setUserDnTemplate</CODE></A> JavaDoc for a full explanation.
<P>
<DD><DL>
<DT><B>Returns:</B><DD>the User Distinguished Name (DN) template to use when creating User DNs at runtime.</DL>
</DD>
</DL>
<HR>
<A NAME="getUserDn(java.lang.String)"><!-- --></A><H3>
getUserDn</H3>
<PRE>
protected <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <A HREF="../../../../../src-html/org/apache/shiro/realm/ldap/JndiLdapRealm.html#line.227"><B>getUserDn</B></A>(<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A>&nbsp;principal)
throws <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/IllegalArgumentException.html?is-external=true" title="class or interface in java.lang">IllegalArgumentException</A>,
<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/IllegalStateException.html?is-external=true" title="class or interface in java.lang">IllegalStateException</A></PRE>
<DL>
<DD>Returns the LDAP User Distinguished Name (DN) to use when acquiring an
<A HREF="http://java.sun.com/javase/6/docs/api/javax/naming/ldap/LdapContext.html?is-external=true" title="class or interface in javax.naming.ldap"><CODE>LdapContext</CODE></A> from the <A HREF="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html" title="interface in org.apache.shiro.realm.ldap"><CODE>LdapContextFactory</CODE></A>.
<p/>
If the the <A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#getUserDnTemplate()"><CODE>userDnTemplate</CODE></A> property has been set, this implementation will construct
the User DN by substituting the specified <code>principal</code> into the configured template. If the
<A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#getUserDnTemplate()"><CODE>userDnTemplate</CODE></A> has not been set, the method argument will be returned directly
(indicating that the submitted authentication token principal <em>is</em> the User DN).
<P>
<DD><DL>
<DT><B>Parameters:</B><DD><CODE>principal</CODE> - the principal to substitute into the configured <A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#getUserDnTemplate()"><CODE>userDnTemplate</CODE></A>.
<DT><B>Returns:</B><DD>the constructed User DN to use at runtime when acquiring an <A HREF="http://java.sun.com/javase/6/docs/api/javax/naming/ldap/LdapContext.html?is-external=true" title="class or interface in javax.naming.ldap"><CODE>LdapContext</CODE></A>.
<DT><B>Throws:</B>
<DD><CODE><A HREF="http://java.sun.com/javase/6/docs/api/java/lang/IllegalArgumentException.html?is-external=true" title="class or interface in java.lang">IllegalArgumentException</A></CODE> - if the method argument is null or empty
<DD><CODE><A HREF="http://java.sun.com/javase/6/docs/api/java/lang/IllegalStateException.html?is-external=true" title="class or interface in java.lang">IllegalStateException</A></CODE> - if the <A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#getUserDnTemplate()"><CODE>userDnTemplate</CODE></A> has not been set.<DT><B>See Also:</B><DD><A HREF="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html#getLdapContext(java.lang.Object, java.lang.Object)"><CODE>LdapContextFactory.getLdapContext(Object, Object)</CODE></A></DL>
</DD>
</DL>
<HR>
<A NAME="setContextFactory(org.apache.shiro.realm.ldap.LdapContextFactory)"><!-- --></A><H3>
setContextFactory</H3>
<PRE>
public void <A HREF="../../../../../src-html/org/apache/shiro/realm/ldap/JndiLdapRealm.html#line.262"><B>setContextFactory</B></A>(<A HREF="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html" title="interface in org.apache.shiro.realm.ldap">LdapContextFactory</A>&nbsp;contextFactory)</PRE>
<DL>
<DD>Sets the LdapContextFactory instance used to acquire connections to the LDAP directory during authentication
attempts and authorization queries. Unless specified otherwise, the default is a <A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapContextFactory.html" title="class in org.apache.shiro.realm.ldap"><CODE>JndiLdapContextFactory</CODE></A>
instance.
<P>
<DD><DL>
<DT><B>Parameters:</B><DD><CODE>contextFactory</CODE> - the LdapContextFactory instance used to acquire connections to the LDAP directory during
authentication attempts and authorization queries</DL>
</DD>
</DL>
<HR>
<A NAME="getContextFactory()"><!-- --></A><H3>
getContextFactory</H3>
<PRE>
public <A HREF="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html" title="interface in org.apache.shiro.realm.ldap">LdapContextFactory</A> <A HREF="../../../../../src-html/org/apache/shiro/realm/ldap/JndiLdapRealm.html#line.274"><B>getContextFactory</B></A>()</PRE>
<DL>
<DD>Returns the LdapContextFactory instance used to acquire connections to the LDAP directory during authentication
attempts and authorization queries. Unless specified otherwise, the default is a <A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapContextFactory.html" title="class in org.apache.shiro.realm.ldap"><CODE>JndiLdapContextFactory</CODE></A>
instance.
<P>
<DD><DL>
<DT><B>Returns:</B><DD>the LdapContextFactory instance used to acquire connections to the LDAP directory during
authentication attempts and authorization queries</DL>
</DD>
</DL>
<HR>
<A NAME="doGetAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken)"><!-- --></A><H3>
doGetAuthenticationInfo</H3>
<PRE>
protected <A HREF="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc">AuthenticationInfo</A> <A HREF="../../../../../src-html/org/apache/shiro/realm/ldap/JndiLdapRealm.html#line.292"><B>doGetAuthenticationInfo</B></A>(<A HREF="../../../../../org/apache/shiro/authc/AuthenticationToken.html" title="interface in org.apache.shiro.authc">AuthenticationToken</A>&nbsp;token)
throws <A HREF="../../../../../org/apache/shiro/authc/AuthenticationException.html" title="class in org.apache.shiro.authc">AuthenticationException</A></PRE>
<DL>
<DD>Delegates to <A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#queryForAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken, org.apache.shiro.realm.ldap.LdapContextFactory)"><CODE>queryForAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken, LdapContextFactory)</CODE></A>,
wrapping any <A HREF="http://java.sun.com/javase/6/docs/api/javax/naming/NamingException.html?is-external=true" title="class or interface in javax.naming"><CODE>NamingException</CODE></A>s in a Shiro <A HREF="../../../../../org/apache/shiro/authc/AuthenticationException.html" title="class in org.apache.shiro.authc"><CODE>AuthenticationException</CODE></A> to satisfy the parent method
signature.
<P>
<DD><DL>
<DT><B>Specified by:</B><DD><CODE><A HREF="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#doGetAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken)">doGetAuthenticationInfo</A></CODE> in class <CODE><A HREF="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html" title="class in org.apache.shiro.realm">AuthenticatingRealm</A></CODE></DL>
</DD>
<DD><DL>
<DT><B>Parameters:</B><DD><CODE>token</CODE> - the authentication token containing the user's principal and credentials.
<DT><B>Returns:</B><DD>the <A HREF="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc"><CODE>AuthenticationInfo</CODE></A> acquired after a successful authentication attempt
<DT><B>Throws:</B>
<DD><CODE><A HREF="../../../../../org/apache/shiro/authc/AuthenticationException.html" title="class in org.apache.shiro.authc">AuthenticationException</A></CODE> - if the authentication attempt fails or if a
<A HREF="http://java.sun.com/javase/6/docs/api/javax/naming/NamingException.html?is-external=true" title="class or interface in javax.naming"><CODE>NamingException</CODE></A> occurs.</DL>
</DD>
</DL>
<HR>
<A NAME="doGetAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection)"><!-- --></A><H3>
doGetAuthorizationInfo</H3>
<PRE>
protected <A HREF="../../../../../org/apache/shiro/authz/AuthorizationInfo.html" title="interface in org.apache.shiro.authz">AuthorizationInfo</A> <A HREF="../../../../../src-html/org/apache/shiro/realm/ldap/JndiLdapRealm.html#line.310"><B>doGetAuthorizationInfo</B></A>(<A HREF="../../../../../org/apache/shiro/subject/PrincipalCollection.html" title="interface in org.apache.shiro.subject">PrincipalCollection</A>&nbsp;principals)</PRE>
<DL>
<DD><B>Description copied from class: <CODE><A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#doGetAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection)">AuthorizingRealm</A></CODE></B></DD>
<DD>Retrieves the AuthorizationInfo for the given principals from the underlying data store. When returning
an instance from this method, you might want to consider using an instance of
<A HREF="../../../../../org/apache/shiro/authz/SimpleAuthorizationInfo.html" title="class in org.apache.shiro.authz"><CODE>SimpleAuthorizationInfo</CODE></A>, as it is suitable in most cases.
<P>
<DD><DL>
<DT><B>Specified by:</B><DD><CODE><A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#doGetAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection)">doGetAuthorizationInfo</A></CODE> in class <CODE><A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html" title="class in org.apache.shiro.realm">AuthorizingRealm</A></CODE></DL>
</DD>
<DD><DL>
<DT><B>Parameters:</B><DD><CODE>principals</CODE> - the primary identifying principals of the AuthorizationInfo that should be retrieved.
<DT><B>Returns:</B><DD>the AuthorizationInfo associated with this principals.<DT><B>See Also:</B><DD><A HREF="../../../../../org/apache/shiro/authz/SimpleAuthorizationInfo.html" title="class in org.apache.shiro.authz"><CODE>SimpleAuthorizationInfo</CODE></A></DL>
</DD>
</DL>
<HR>
<A NAME="getLdapPrincipal(org.apache.shiro.authc.AuthenticationToken)"><!-- --></A><H3>
getLdapPrincipal</H3>
<PRE>
protected <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</A> <A HREF="../../../../../src-html/org/apache/shiro/realm/ldap/JndiLdapRealm.html#line.338"><B>getLdapPrincipal</B></A>(<A HREF="../../../../../org/apache/shiro/authc/AuthenticationToken.html" title="interface in org.apache.shiro.authc">AuthenticationToken</A>&nbsp;token)</PRE>
<DL>
<DD>Returns the principal to use when creating the LDAP connection for an authentication attempt.
<p/>
This implementation uses a heuristic: it checks to see if the specified token's
<A HREF="../../../../../org/apache/shiro/authc/AuthenticationToken.html#getPrincipal()"><CODE>principal</CODE></A> is a <code>String</code>, and if so,
<A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#getUserDn(java.lang.String)"><CODE>converts it</CODE></A> from what is
assumed to be a raw uid or username <code>String</code> into a User DN <code>String</code>. Almost all LDAP directories
expect the authentication connection to present a User DN and not an unqualified username or uid.
<p/>
If the token's <code>principal</code> is not a String, it is assumed to already be in the format supported by the
underlying <A HREF="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html" title="interface in org.apache.shiro.realm.ldap"><CODE>LdapContextFactory</CODE></A> implementation and the raw principal is returned directly.
<P>
<DD><DL>
<DT><B>Parameters:</B><DD><CODE>token</CODE> - the <A HREF="../../../../../org/apache/shiro/authc/AuthenticationToken.html" title="interface in org.apache.shiro.authc"><CODE>AuthenticationToken</CODE></A> submitted during the authentication process
<DT><B>Returns:</B><DD>the User DN or raw principal to use to acquire the LdapContext.<DT><B>See Also:</B><DD><A HREF="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html#getLdapContext(java.lang.Object, java.lang.Object)"><CODE>LdapContextFactory.getLdapContext(Object, Object)</CODE></A></DL>
</DD>
</DL>
<HR>
<A NAME="queryForAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken, org.apache.shiro.realm.ldap.LdapContextFactory)"><!-- --></A><H3>
queryForAuthenticationInfo</H3>
<PRE>
protected <A HREF="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc">AuthenticationInfo</A> <A HREF="../../../../../src-html/org/apache/shiro/realm/ldap/JndiLdapRealm.html#line.362"><B>queryForAuthenticationInfo</B></A>(<A HREF="../../../../../org/apache/shiro/authc/AuthenticationToken.html" title="interface in org.apache.shiro.authc">AuthenticationToken</A>&nbsp;token,
<A HREF="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html" title="interface in org.apache.shiro.realm.ldap">LdapContextFactory</A>&nbsp;ldapContextFactory)
throws <A HREF="http://java.sun.com/javase/6/docs/api/javax/naming/NamingException.html?is-external=true" title="class or interface in javax.naming">NamingException</A></PRE>
<DL>
<DD>This implementation opens an LDAP connection using the token's
<A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#getLdapPrincipal(org.apache.shiro.authc.AuthenticationToken)"><CODE>discovered principal</CODE></A> and provided
<A HREF="../../../../../org/apache/shiro/authc/AuthenticationToken.html#getCredentials()"><CODE>credentials</CODE></A>. If the connection opens successfully, the
authentication attempt is immediately considered successful and a new
<A HREF="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc"><CODE>AuthenticationInfo</CODE></A> instance is
<A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#createAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken, java.lang.Object, java.lang.Object, javax.naming.ldap.LdapContext)"><CODE>created</CODE></A>
and returned. If the connection cannot be opened, either because LDAP authentication failed or some other
JNDI problem, an <A HREF="http://java.sun.com/javase/6/docs/api/javax/naming/NamingException.html?is-external=true" title="class or interface in javax.naming"><CODE>NamingException</CODE></A> will be thrown.
<P>
<DD><DL>
<DT><B>Parameters:</B><DD><CODE>token</CODE> - the submitted authentication token that triggered the authentication attempt.<DD><CODE>ldapContextFactory</CODE> - factory used to retrieve LDAP connections.
<DT><B>Returns:</B><DD>an <A HREF="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc"><CODE>AuthenticationInfo</CODE></A> instance representing the authenticated user's information.
<DT><B>Throws:</B>
<DD><CODE><A HREF="http://java.sun.com/javase/6/docs/api/javax/naming/NamingException.html?is-external=true" title="class or interface in javax.naming">NamingException</A></CODE> - if any LDAP errors occur.</DL>
</DD>
</DL>
<HR>
<A NAME="createAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken, java.lang.Object, java.lang.Object, javax.naming.ldap.LdapContext)"><!-- --></A><H3>
createAuthenticationInfo</H3>
<PRE>
protected <A HREF="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc">AuthenticationInfo</A> <A HREF="../../../../../src-html/org/apache/shiro/realm/ldap/JndiLdapRealm.html#line.409"><B>createAuthenticationInfo</B></A>(<A HREF="../../../../../org/apache/shiro/authc/AuthenticationToken.html" title="interface in org.apache.shiro.authc">AuthenticationToken</A>&nbsp;token,
<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</A>&nbsp;ldapPrincipal,
<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</A>&nbsp;ldapCredentials,
<A HREF="http://java.sun.com/javase/6/docs/api/javax/naming/ldap/LdapContext.html?is-external=true" title="class or interface in javax.naming.ldap">LdapContext</A>&nbsp;ldapContext)
throws <A HREF="http://java.sun.com/javase/6/docs/api/javax/naming/NamingException.html?is-external=true" title="class or interface in javax.naming">NamingException</A></PRE>
<DL>
<DD>Returns the <A HREF="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc"><CODE>AuthenticationInfo</CODE></A> resulting from a Subject's successful LDAP authentication attempt.
<p/>
This implementation ignores the <code>ldapPrincipal</code>, <code>ldapCredentials</code>, and the opened
<code>ldapContext</code> arguments and merely returns an <code>AuthenticationInfo</code> instance mirroring the
submitted token's principal and credentials. This is acceptable because this method is only ever invoked after
a successful authentication attempt, which means the provided principal and credentials were correct, and can
be used directly to populate the (now verified) <code>AuthenticationInfo</code>.
<p/>
Subclasses however are free to override this method for more advanced construction logic.
<P>
<DD><DL>
<DT><B>Parameters:</B><DD><CODE>token</CODE> - the submitted <code>AuthenticationToken</code> that resulted in a successful authentication<DD><CODE>ldapPrincipal</CODE> - the LDAP principal used when creating the LDAP connection. Unlike the token's
<A HREF="../../../../../org/apache/shiro/authc/AuthenticationToken.html#getPrincipal()"><CODE>principal</CODE></A>, this value is usually a constructed
User DN and not a simple username or uid. The exact value is depending on the
configured
<a href="http://download-llnw.oracle.com/javase/tutorial/jndi/ldap/auth_mechs.html">
LDAP authentication mechanism</a> in use.<DD><CODE>ldapCredentials</CODE> - the LDAP credentials used when creating the LDAP connection.<DD><CODE>ldapContext</CODE> - the LdapContext created that resulted in a successful authentication. It can be used
further by subclasses for more complex operations. It does not need to be closed -
it will be closed automatically after this method returns.
<DT><B>Returns:</B><DD>the <A HREF="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc"><CODE>AuthenticationInfo</CODE></A> resulting from a Subject's successful LDAP authentication attempt.
<DT><B>Throws:</B>
<DD><CODE><A HREF="http://java.sun.com/javase/6/docs/api/javax/naming/NamingException.html?is-external=true" title="class or interface in javax.naming">NamingException</A></CODE> - if there was any problem using the <code>LdapContext</code></DL>
</DD>
</DL>
<HR>
<A NAME="queryForAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection, org.apache.shiro.realm.ldap.LdapContextFactory)"><!-- --></A><H3>
queryForAuthorizationInfo</H3>
<PRE>
protected <A HREF="../../../../../org/apache/shiro/authz/AuthorizationInfo.html" title="interface in org.apache.shiro.authz">AuthorizationInfo</A> <A HREF="../../../../../src-html/org/apache/shiro/realm/ldap/JndiLdapRealm.html#line.426"><B>queryForAuthorizationInfo</B></A>(<A HREF="../../../../../org/apache/shiro/subject/PrincipalCollection.html" title="interface in org.apache.shiro.subject">PrincipalCollection</A>&nbsp;principals,
<A HREF="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html" title="interface in org.apache.shiro.realm.ldap">LdapContextFactory</A>&nbsp;ldapContextFactory)
throws <A HREF="http://java.sun.com/javase/6/docs/api/javax/naming/NamingException.html?is-external=true" title="class or interface in javax.naming">NamingException</A></PRE>
<DL>
<DD>Method that should be implemented by subclasses to build an
<A HREF="../../../../../org/apache/shiro/authz/AuthorizationInfo.html" title="interface in org.apache.shiro.authz"><CODE>AuthorizationInfo</CODE></A> object by querying the LDAP context for the
specified principal.</p>
<P>
<DD><DL>
<DT><B>Parameters:</B><DD><CODE>principals</CODE> - the principals of the Subject whose AuthenticationInfo should be queried from the LDAP server.<DD><CODE>ldapContextFactory</CODE> - factory used to retrieve LDAP connections.
<DT><B>Returns:</B><DD>an <A HREF="../../../../../org/apache/shiro/authz/AuthorizationInfo.html" title="interface in org.apache.shiro.authz"><CODE>AuthorizationInfo</CODE></A> instance containing information retrieved from the LDAP server.
<DT><B>Throws:</B>
<DD><CODE><A HREF="http://java.sun.com/javase/6/docs/api/javax/naming/NamingException.html?is-external=true" title="class or interface in javax.naming">NamingException</A></CODE> - if any LDAP errors occur during the search.</DL>
</DD>
</DL>
<!-- ========= END OF CLASS DATA ========= -->
<HR>
<!-- ======= START OF BOTTOM NAVBAR ====== -->
<A NAME="navbar_bottom"><!-- --></A>
<A HREF="#skip-navbar_bottom" title="Skip navigation links"></A>
<TABLE BORDER="0" WIDTH="100%" CELLPADDING="1" CELLSPACING="0" SUMMARY="">
<TR>
<TD COLSPAN=2 BGCOLOR="#EEEEFF" CLASS="NavBarCell1">
<A NAME="navbar_bottom_firstrow"><!-- --></A>
<TABLE BORDER="0" CELLPADDING="0" CELLSPACING="3" SUMMARY="">
<TR ALIGN="center" VALIGN="top">
<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../../overview-summary.html"><FONT CLASS="NavBarFont1"><B>Overview</B></FONT></A>&nbsp;</TD>
<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="package-summary.html"><FONT CLASS="NavBarFont1"><B>Package</B></FONT></A>&nbsp;</TD>
<TD BGCOLOR="#FFFFFF" CLASS="NavBarCell1Rev"> &nbsp;<FONT CLASS="NavBarFont1Rev"><B>Class</B></FONT>&nbsp;</TD>
<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="class-use/JndiLdapRealm.html"><FONT CLASS="NavBarFont1"><B>Use</B></FONT></A>&nbsp;</TD>
<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="package-tree.html"><FONT CLASS="NavBarFont1"><B>Tree</B></FONT></A>&nbsp;</TD>
<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../../deprecated-list.html"><FONT CLASS="NavBarFont1"><B>Deprecated</B></FONT></A>&nbsp;</TD>
<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../../index-all.html"><FONT CLASS="NavBarFont1"><B>Index</B></FONT></A>&nbsp;</TD>
<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../../help-doc.html"><FONT CLASS="NavBarFont1"><B>Help</B></FONT></A>&nbsp;</TD>
</TR>
</TABLE>
</TD>
<TD ALIGN="right" VALIGN="top" ROWSPAN=3><EM>
</EM>
</TD>
</TR>
<TR>
<TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2">
&nbsp;<A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapContextFactory.html" title="class in org.apache.shiro.realm.ldap"><B>PREV CLASS</B></A>&nbsp;
&nbsp;<A HREF="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html" title="interface in org.apache.shiro.realm.ldap"><B>NEXT CLASS</B></A></FONT></TD>
<TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2">
<A HREF="../../../../../index.html?org/apache/shiro/realm/ldap/JndiLdapRealm.html" target="_top"><B>FRAMES</B></A> &nbsp;
&nbsp;<A HREF="JndiLdapRealm.html" target="_top"><B>NO FRAMES</B></A> &nbsp;
&nbsp;<SCRIPT type="text/javascript">
<!--
if(window==top) {
document.writeln('<A HREF="../../../../../allclasses-noframe.html"><B>All Classes</B></A>');
}
//-->
</SCRIPT>
<NOSCRIPT>
<A HREF="../../../../../allclasses-noframe.html"><B>All Classes</B></A>
</NOSCRIPT>
</FONT></TD>
</TR>
<TR>
<TD VALIGN="top" CLASS="NavBarCell3"><FONT SIZE="-2">
SUMMARY:&nbsp;NESTED&nbsp;|&nbsp;FIELD&nbsp;|&nbsp;<A HREF="#constructor_summary">CONSTR</A>&nbsp;|&nbsp;<A HREF="#method_summary">METHOD</A></FONT></TD>
<TD VALIGN="top" CLASS="NavBarCell3"><FONT SIZE="-2">
DETAIL:&nbsp;FIELD&nbsp;|&nbsp;<A HREF="#constructor_detail">CONSTR</A>&nbsp;|&nbsp;<A HREF="#method_detail">METHOD</A></FONT></TD>
</TR>
</TABLE>
<A NAME="skip-navbar_bottom"></A>
<!-- ======== END OF BOTTOM NAVBAR ======= -->
<HR>
Copyright &#169; 2004-2016 <a href="http://www.apache.org/">The Apache Software Foundation</a>. All Rights Reserved.
</BODY>
</HTML>