| <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> |
| <!--NewPage--> |
| <HTML> |
| <HEAD> |
| <!-- Generated by javadoc (build 1.6.0_65) on Fri Mar 04 17:58:56 EST 2016 --> |
| <META http-equiv="Content-Type" content="text/html; charset=UTF-8"> |
| <TITLE> |
| JndiLdapRealm (Apache Shiro 1.2.4 API) |
| </TITLE> |
| |
| <META NAME="date" CONTENT="2016-03-04"> |
| |
| <LINK REL ="stylesheet" TYPE="text/css" HREF="../../../../../stylesheet.css" TITLE="Style"> |
| |
| <SCRIPT type="text/javascript"> |
| function windowTitle() |
| { |
| if (location.href.indexOf('is-external=true') == -1) { |
| parent.document.title="JndiLdapRealm (Apache Shiro 1.2.4 API)"; |
| } |
| } |
| </SCRIPT> |
| <NOSCRIPT> |
| </NOSCRIPT> |
| |
| </HEAD> |
| |
| <BODY BGCOLOR="white" onload="windowTitle();"> |
| <HR> |
| |
| |
| <!-- ========= START OF TOP NAVBAR ======= --> |
| <A NAME="navbar_top"><!-- --></A> |
| <A HREF="#skip-navbar_top" title="Skip navigation links"></A> |
| <TABLE BORDER="0" WIDTH="100%" CELLPADDING="1" CELLSPACING="0" SUMMARY=""> |
| <TR> |
| <TD COLSPAN=2 BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> |
| <A NAME="navbar_top_firstrow"><!-- --></A> |
| <TABLE BORDER="0" CELLPADDING="0" CELLSPACING="3" SUMMARY=""> |
| <TR ALIGN="center" VALIGN="top"> |
| <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../../overview-summary.html"><FONT CLASS="NavBarFont1"><B>Overview</B></FONT></A> </TD> |
| <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="package-summary.html"><FONT CLASS="NavBarFont1"><B>Package</B></FONT></A> </TD> |
| <TD BGCOLOR="#FFFFFF" CLASS="NavBarCell1Rev"> <FONT CLASS="NavBarFont1Rev"><B>Class</B></FONT> </TD> |
| <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="class-use/JndiLdapRealm.html"><FONT CLASS="NavBarFont1"><B>Use</B></FONT></A> </TD> |
| <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="package-tree.html"><FONT CLASS="NavBarFont1"><B>Tree</B></FONT></A> </TD> |
| <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../../deprecated-list.html"><FONT CLASS="NavBarFont1"><B>Deprecated</B></FONT></A> </TD> |
| <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../../index-all.html"><FONT CLASS="NavBarFont1"><B>Index</B></FONT></A> </TD> |
| <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../../help-doc.html"><FONT CLASS="NavBarFont1"><B>Help</B></FONT></A> </TD> |
| </TR> |
| </TABLE> |
| </TD> |
| <TD ALIGN="right" VALIGN="top" ROWSPAN=3><EM> |
| </EM> |
| </TD> |
| </TR> |
| |
| <TR> |
| <TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2"> |
| <A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapContextFactory.html" title="class in org.apache.shiro.realm.ldap"><B>PREV CLASS</B></A> |
| <A HREF="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html" title="interface in org.apache.shiro.realm.ldap"><B>NEXT CLASS</B></A></FONT></TD> |
| <TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2"> |
| <A HREF="../../../../../index.html?org/apache/shiro/realm/ldap/JndiLdapRealm.html" target="_top"><B>FRAMES</B></A> |
| <A HREF="JndiLdapRealm.html" target="_top"><B>NO FRAMES</B></A> |
| <SCRIPT type="text/javascript"> |
| <!-- |
| if(window==top) { |
| document.writeln('<A HREF="../../../../../allclasses-noframe.html"><B>All Classes</B></A>'); |
| } |
| //--> |
| </SCRIPT> |
| <NOSCRIPT> |
| <A HREF="../../../../../allclasses-noframe.html"><B>All Classes</B></A> |
| </NOSCRIPT> |
| |
| |
| </FONT></TD> |
| </TR> |
| <TR> |
| <TD VALIGN="top" CLASS="NavBarCell3"><FONT SIZE="-2"> |
| SUMMARY: NESTED | FIELD | <A HREF="#constructor_summary">CONSTR</A> | <A HREF="#method_summary">METHOD</A></FONT></TD> |
| <TD VALIGN="top" CLASS="NavBarCell3"><FONT SIZE="-2"> |
| DETAIL: FIELD | <A HREF="#constructor_detail">CONSTR</A> | <A HREF="#method_detail">METHOD</A></FONT></TD> |
| </TR> |
| </TABLE> |
| <A NAME="skip-navbar_top"></A> |
| <!-- ========= END OF TOP NAVBAR ========= --> |
| |
| <HR> |
| <!-- ======== START OF CLASS DATA ======== --> |
| <H2> |
| <FONT SIZE="-1"> |
| org.apache.shiro.realm.ldap</FONT> |
| <BR> |
| Class JndiLdapRealm</H2> |
| <PRE> |
| <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">java.lang.Object</A> |
| <IMG SRC="../../../../../resources/inherit.gif" ALT="extended by "><A HREF="../../../../../org/apache/shiro/realm/CachingRealm.html" title="class in org.apache.shiro.realm">org.apache.shiro.realm.CachingRealm</A> |
| <IMG SRC="../../../../../resources/inherit.gif" ALT="extended by "><A HREF="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html" title="class in org.apache.shiro.realm">org.apache.shiro.realm.AuthenticatingRealm</A> |
| <IMG SRC="../../../../../resources/inherit.gif" ALT="extended by "><A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html" title="class in org.apache.shiro.realm">org.apache.shiro.realm.AuthorizingRealm</A> |
| <IMG SRC="../../../../../resources/inherit.gif" ALT="extended by "><B>org.apache.shiro.realm.ldap.JndiLdapRealm</B> |
| </PRE> |
| <DL> |
| <DT><B>All Implemented Interfaces:</B> <DD><A HREF="../../../../../org/apache/shiro/authc/LogoutAware.html" title="interface in org.apache.shiro.authc">LogoutAware</A>, <A HREF="../../../../../org/apache/shiro/authz/Authorizer.html" title="interface in org.apache.shiro.authz">Authorizer</A>, <A HREF="../../../../../org/apache/shiro/authz/permission/PermissionResolverAware.html" title="interface in org.apache.shiro.authz.permission">PermissionResolverAware</A>, <A HREF="../../../../../org/apache/shiro/authz/permission/RolePermissionResolverAware.html" title="interface in org.apache.shiro.authz.permission">RolePermissionResolverAware</A>, <A HREF="../../../../../org/apache/shiro/cache/CacheManagerAware.html" title="interface in org.apache.shiro.cache">CacheManagerAware</A>, <A HREF="../../../../../org/apache/shiro/realm/Realm.html" title="interface in org.apache.shiro.realm">Realm</A>, <A HREF="../../../../../org/apache/shiro/util/Initializable.html" title="interface in org.apache.shiro.util">Initializable</A>, <A HREF="../../../../../org/apache/shiro/util/Nameable.html" title="interface in org.apache.shiro.util">Nameable</A></DD> |
| </DL> |
| <HR> |
| <DL> |
| <DT><PRE>public class <A HREF="../../../../../src-html/org/apache/shiro/realm/ldap/JndiLdapRealm.html#line.84"><B>JndiLdapRealm</B></A><DT>extends <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html" title="class in org.apache.shiro.realm">AuthorizingRealm</A></DL> |
| </PRE> |
| |
| <P> |
| An LDAP <A HREF="../../../../../org/apache/shiro/realm/Realm.html" title="interface in org.apache.shiro.realm"><CODE>Realm</CODE></A> implementation utilizing Sun's/Oracle's |
| <a href="http://download-llnw.oracle.com/javase/tutorial/jndi/ldap/jndi.html">JNDI API as an LDAP API</a>. This is |
| Shiro's default implementation for supporting LDAP, as using the JNDI API has been a common approach for Java LDAP |
| support for many years. |
| <p/> |
| This realm implementation and its backing <A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapContextFactory.html" title="class in org.apache.shiro.realm.ldap"><CODE>JndiLdapContextFactory</CODE></A> should cover 99% of all Shiro-related LDAP |
| authentication and authorization needs. However, if it does not suit your needs, you might want to look into |
| creating your own realm using an alternative, perhaps more robust, LDAP communication API, such as the |
| <a href="http://directory.apache.org/api/">Apache LDAP API</a>. |
| <h2>Authentication</h2> |
| During an authentication attempt, if the submitted <code>AuthenticationToken</code>'s |
| <A HREF="../../../../../org/apache/shiro/authc/AuthenticationToken.html#getPrincipal()"><CODE>principal</CODE></A> is a simple username, but the |
| LDAP directory expects a complete User Distinguished Name (User DN) to establish a connection, the |
| <A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#setUserDnTemplate(java.lang.String)"><CODE>userDnTemplate</CODE></A> property must be configured. If not configured, |
| the property will pass the simple username directly as the User DN, which is often incorrect in most LDAP |
| environments (maybe Microsoft ActiveDirectory being the exception). |
| <h2>Authorization</h2> |
| By default, authorization is effectively disabled due to the default |
| <A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#doGetAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection)"><CODE>doGetAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection)</CODE></A> implementation returning <code>null</code>. |
| If you wish to perform authorization based on an LDAP schema, you must subclass this one |
| and override that method to reflect your organization's data model. |
| <h2>Configuration</h2> |
| This class primarily provides the <A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#setUserDnTemplate(java.lang.String)"><CODE>userDnTemplate</CODE></A> property to allow you to specify |
| the your LDAP server's User DN format. Most other configuration is performed via the nested |
| <A HREF="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html" title="interface in org.apache.shiro.realm.ldap"><CODE>contextFactory</CODE></A> property. |
| <p/> |
| For example, defining this realm in Shiro .ini: |
| <pre> |
| [main] |
| ldapRealm = org.apache.shiro.realm.ldap.JndiLdapRealm |
| ldapRealm.userDnTemplate = uid={0},ou=users,dc=mycompany,dc=com |
| ldapRealm.contextFactory.url = ldap://ldapHost:389 |
| ldapRealm.contextFactory.authenticationMechanism = DIGEST-MD5 |
| ldapRealm.contextFactory.environment[some.obscure.jndi.key] = some value |
| ... |
| </pre> |
| The default <A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#setContextFactory(org.apache.shiro.realm.ldap.LdapContextFactory)"><CODE>contextFactory</CODE></A> instance is a <A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapContextFactory.html" title="class in org.apache.shiro.realm.ldap"><CODE>JndiLdapContextFactory</CODE></A>. See that |
| class's JavaDoc for more information on configuring the LDAP connection as well as specifying JNDI environment |
| properties as necessary. |
| <P> |
| |
| <P> |
| <DL> |
| <DT><B>Since:</B></DT> |
| <DD>1.1</DD> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapContextFactory.html" title="class in org.apache.shiro.realm.ldap"><CODE>JndiLdapContextFactory</CODE></A></DL> |
| <HR> |
| |
| <P> |
| |
| <!-- ======== CONSTRUCTOR SUMMARY ======== --> |
| |
| <A NAME="constructor_summary"><!-- --></A> |
| <TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY=""> |
| <TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor"> |
| <TH ALIGN="left" COLSPAN="2"><FONT SIZE="+2"> |
| <B>Constructor Summary</B></FONT></TH> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD><CODE><B><A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#JndiLdapRealm()">JndiLdapRealm</A></B>()</CODE> |
| |
| <BR> |
| Default no-argument constructor that defaults the internal <A HREF="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html" title="interface in org.apache.shiro.realm.ldap"><CODE>LdapContextFactory</CODE></A> instance to a |
| <A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapContextFactory.html" title="class in org.apache.shiro.realm.ldap"><CODE>JndiLdapContextFactory</CODE></A>.</TD> |
| </TR> |
| </TABLE> |
| |
| <!-- ========== METHOD SUMMARY =========== --> |
| |
| <A NAME="method_summary"><!-- --></A> |
| <TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY=""> |
| <TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor"> |
| <TH ALIGN="left" COLSPAN="2"><FONT SIZE="+2"> |
| <B>Method Summary</B></FONT></TH> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>protected <A HREF="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc">AuthenticationInfo</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#createAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken, java.lang.Object, java.lang.Object, javax.naming.ldap.LdapContext)">createAuthenticationInfo</A></B>(<A HREF="../../../../../org/apache/shiro/authc/AuthenticationToken.html" title="interface in org.apache.shiro.authc">AuthenticationToken</A> token, |
| <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</A> ldapPrincipal, |
| <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</A> ldapCredentials, |
| <A HREF="http://java.sun.com/javase/6/docs/api/javax/naming/ldap/LdapContext.html?is-external=true" title="class or interface in javax.naming.ldap">LdapContext</A> ldapContext)</CODE> |
| |
| <BR> |
| Returns the <A HREF="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc"><CODE>AuthenticationInfo</CODE></A> resulting from a Subject's successful LDAP authentication attempt.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>protected <A HREF="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc">AuthenticationInfo</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#doGetAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken)">doGetAuthenticationInfo</A></B>(<A HREF="../../../../../org/apache/shiro/authc/AuthenticationToken.html" title="interface in org.apache.shiro.authc">AuthenticationToken</A> token)</CODE> |
| |
| <BR> |
| Delegates to <A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#queryForAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken, org.apache.shiro.realm.ldap.LdapContextFactory)"><CODE>queryForAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken, LdapContextFactory)</CODE></A>, |
| wrapping any <A HREF="http://java.sun.com/javase/6/docs/api/javax/naming/NamingException.html?is-external=true" title="class or interface in javax.naming"><CODE>NamingException</CODE></A>s in a Shiro <A HREF="../../../../../org/apache/shiro/authc/AuthenticationException.html" title="class in org.apache.shiro.authc"><CODE>AuthenticationException</CODE></A> to satisfy the parent method |
| signature.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>protected <A HREF="../../../../../org/apache/shiro/authz/AuthorizationInfo.html" title="interface in org.apache.shiro.authz">AuthorizationInfo</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#doGetAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection)">doGetAuthorizationInfo</A></B>(<A HREF="../../../../../org/apache/shiro/subject/PrincipalCollection.html" title="interface in org.apache.shiro.subject">PrincipalCollection</A> principals)</CODE> |
| |
| <BR> |
| Retrieves the AuthorizationInfo for the given principals from the underlying data store.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE> <A HREF="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html" title="interface in org.apache.shiro.realm.ldap">LdapContextFactory</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#getContextFactory()">getContextFactory</A></B>()</CODE> |
| |
| <BR> |
| Returns the LdapContextFactory instance used to acquire connections to the LDAP directory during authentication |
| attempts and authorization queries.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>protected <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#getLdapPrincipal(org.apache.shiro.authc.AuthenticationToken)">getLdapPrincipal</A></B>(<A HREF="../../../../../org/apache/shiro/authc/AuthenticationToken.html" title="interface in org.apache.shiro.authc">AuthenticationToken</A> token)</CODE> |
| |
| <BR> |
| Returns the principal to use when creating the LDAP connection for an authentication attempt.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>protected <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#getUserDn(java.lang.String)">getUserDn</A></B>(<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> principal)</CODE> |
| |
| <BR> |
| Returns the LDAP User Distinguished Name (DN) to use when acquiring an |
| <A HREF="http://java.sun.com/javase/6/docs/api/javax/naming/ldap/LdapContext.html?is-external=true" title="class or interface in javax.naming.ldap"><CODE>LdapContext</CODE></A> from the <A HREF="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html" title="interface in org.apache.shiro.realm.ldap"><CODE>LdapContextFactory</CODE></A>.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>protected <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#getUserDnPrefix()">getUserDnPrefix</A></B>()</CODE> |
| |
| <BR> |
| Returns the User DN prefix to use when building a runtime User DN value or <code>null</code> if no |
| <A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#getUserDnTemplate()"><CODE>userDnTemplate</CODE></A> has been configured.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>protected <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#getUserDnSuffix()">getUserDnSuffix</A></B>()</CODE> |
| |
| <BR> |
| Returns the User DN suffix to use when building a runtime User DN value.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE> <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#getUserDnTemplate()">getUserDnTemplate</A></B>()</CODE> |
| |
| <BR> |
| Returns the User Distinguished Name (DN) template to use when creating User DNs at runtime - see the |
| <A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#setUserDnTemplate(java.lang.String)"><CODE>setUserDnTemplate</CODE></A> JavaDoc for a full explanation.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>protected <A HREF="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc">AuthenticationInfo</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#queryForAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken, org.apache.shiro.realm.ldap.LdapContextFactory)">queryForAuthenticationInfo</A></B>(<A HREF="../../../../../org/apache/shiro/authc/AuthenticationToken.html" title="interface in org.apache.shiro.authc">AuthenticationToken</A> token, |
| <A HREF="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html" title="interface in org.apache.shiro.realm.ldap">LdapContextFactory</A> ldapContextFactory)</CODE> |
| |
| <BR> |
| This implementation opens an LDAP connection using the token's |
| <A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#getLdapPrincipal(org.apache.shiro.authc.AuthenticationToken)"><CODE>discovered principal</CODE></A> and provided |
| <A HREF="../../../../../org/apache/shiro/authc/AuthenticationToken.html#getCredentials()"><CODE>credentials</CODE></A>.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>protected <A HREF="../../../../../org/apache/shiro/authz/AuthorizationInfo.html" title="interface in org.apache.shiro.authz">AuthorizationInfo</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#queryForAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection, org.apache.shiro.realm.ldap.LdapContextFactory)">queryForAuthorizationInfo</A></B>(<A HREF="../../../../../org/apache/shiro/subject/PrincipalCollection.html" title="interface in org.apache.shiro.subject">PrincipalCollection</A> principals, |
| <A HREF="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html" title="interface in org.apache.shiro.realm.ldap">LdapContextFactory</A> ldapContextFactory)</CODE> |
| |
| <BR> |
| Method that should be implemented by subclasses to build an |
| <A HREF="../../../../../org/apache/shiro/authz/AuthorizationInfo.html" title="interface in org.apache.shiro.authz"><CODE>AuthorizationInfo</CODE></A> object by querying the LDAP context for the |
| specified principal.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE> void</CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#setContextFactory(org.apache.shiro.realm.ldap.LdapContextFactory)">setContextFactory</A></B>(<A HREF="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html" title="interface in org.apache.shiro.realm.ldap">LdapContextFactory</A> contextFactory)</CODE> |
| |
| <BR> |
| Sets the LdapContextFactory instance used to acquire connections to the LDAP directory during authentication |
| attempts and authorization queries.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE> void</CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#setUserDnTemplate(java.lang.String)">setUserDnTemplate</A></B>(<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> template)</CODE> |
| |
| <BR> |
| Sets the User Distinguished Name (DN) template to use when creating User DNs at runtime.</TD> |
| </TR> |
| </TABLE> |
| <A NAME="methods_inherited_from_class_org.apache.shiro.realm.AuthorizingRealm"><!-- --></A> |
| <TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY=""> |
| <TR BGCOLOR="#EEEEFF" CLASS="TableSubHeadingColor"> |
| <TH ALIGN="left"><B>Methods inherited from class org.apache.shiro.realm.<A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html" title="class in org.apache.shiro.realm">AuthorizingRealm</A></B></TH> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD><CODE><A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#afterCacheManagerSet()">afterCacheManagerSet</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#checkPermission(org.apache.shiro.authz.Permission, org.apache.shiro.authz.AuthorizationInfo)">checkPermission</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#checkPermission(org.apache.shiro.subject.PrincipalCollection, org.apache.shiro.authz.Permission)">checkPermission</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#checkPermission(org.apache.shiro.subject.PrincipalCollection, java.lang.String)">checkPermission</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#checkPermissions(java.util.Collection, org.apache.shiro.authz.AuthorizationInfo)">checkPermissions</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#checkPermissions(org.apache.shiro.subject.PrincipalCollection, java.util.Collection)">checkPermissions</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#checkPermissions(org.apache.shiro.subject.PrincipalCollection, java.lang.String...)">checkPermissions</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#checkRole(org.apache.shiro.subject.PrincipalCollection, java.lang.String)">checkRole</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#checkRole(java.lang.String, org.apache.shiro.authz.AuthorizationInfo)">checkRole</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#checkRoles(java.util.Collection, org.apache.shiro.authz.AuthorizationInfo)">checkRoles</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#checkRoles(org.apache.shiro.subject.PrincipalCollection, java.util.Collection)">checkRoles</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#checkRoles(org.apache.shiro.subject.PrincipalCollection, java.lang.String...)">checkRoles</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#clearCachedAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection)">clearCachedAuthorizationInfo</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#doClearCache(org.apache.shiro.subject.PrincipalCollection)">doClearCache</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#getAuthorizationCache()">getAuthorizationCache</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#getAuthorizationCacheKey(org.apache.shiro.subject.PrincipalCollection)">getAuthorizationCacheKey</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#getAuthorizationCacheName()">getAuthorizationCacheName</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#getAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection)">getAuthorizationInfo</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#getPermissionResolver()">getPermissionResolver</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#getPermissions(org.apache.shiro.authz.AuthorizationInfo)">getPermissions</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#getRolePermissionResolver()">getRolePermissionResolver</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#hasAllRoles(org.apache.shiro.subject.PrincipalCollection, java.util.Collection)">hasAllRoles</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#hasRole(org.apache.shiro.subject.PrincipalCollection, java.lang.String)">hasRole</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#hasRole(java.lang.String, org.apache.shiro.authz.AuthorizationInfo)">hasRole</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#hasRoles(java.util.List, org.apache.shiro.authz.AuthorizationInfo)">hasRoles</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#hasRoles(org.apache.shiro.subject.PrincipalCollection, java.util.List)">hasRoles</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#isAuthorizationCachingEnabled()">isAuthorizationCachingEnabled</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#isPermitted(java.util.List, org.apache.shiro.authz.AuthorizationInfo)">isPermitted</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#isPermitted(org.apache.shiro.authz.Permission, org.apache.shiro.authz.AuthorizationInfo)">isPermitted</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#isPermitted(org.apache.shiro.subject.PrincipalCollection, java.util.List)">isPermitted</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#isPermitted(org.apache.shiro.subject.PrincipalCollection, org.apache.shiro.authz.Permission)">isPermitted</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#isPermitted(org.apache.shiro.subject.PrincipalCollection, java.lang.String...)">isPermitted</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#isPermitted(org.apache.shiro.subject.PrincipalCollection, java.lang.String)">isPermitted</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#isPermittedAll(java.util.Collection, org.apache.shiro.authz.AuthorizationInfo)">isPermittedAll</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#isPermittedAll(org.apache.shiro.subject.PrincipalCollection, java.util.Collection)">isPermittedAll</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#isPermittedAll(org.apache.shiro.subject.PrincipalCollection, java.lang.String...)">isPermittedAll</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#onInit()">onInit</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#setAuthorizationCache(org.apache.shiro.cache.Cache)">setAuthorizationCache</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#setAuthorizationCacheName(java.lang.String)">setAuthorizationCacheName</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#setAuthorizationCachingEnabled(boolean)">setAuthorizationCachingEnabled</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#setName(java.lang.String)">setName</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#setPermissionResolver(org.apache.shiro.authz.permission.PermissionResolver)">setPermissionResolver</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#setRolePermissionResolver(org.apache.shiro.authz.permission.RolePermissionResolver)">setRolePermissionResolver</A></CODE></TD> |
| </TR> |
| </TABLE> |
| <A NAME="methods_inherited_from_class_org.apache.shiro.realm.AuthenticatingRealm"><!-- --></A> |
| <TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY=""> |
| <TR BGCOLOR="#EEEEFF" CLASS="TableSubHeadingColor"> |
| <TH ALIGN="left"><B>Methods inherited from class org.apache.shiro.realm.<A HREF="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html" title="class in org.apache.shiro.realm">AuthenticatingRealm</A></B></TH> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD><CODE><A HREF="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#assertCredentialsMatch(org.apache.shiro.authc.AuthenticationToken, org.apache.shiro.authc.AuthenticationInfo)">assertCredentialsMatch</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#clearCachedAuthenticationInfo(org.apache.shiro.subject.PrincipalCollection)">clearCachedAuthenticationInfo</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#getAuthenticationCache()">getAuthenticationCache</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#getAuthenticationCacheKey(org.apache.shiro.authc.AuthenticationToken)">getAuthenticationCacheKey</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#getAuthenticationCacheKey(org.apache.shiro.subject.PrincipalCollection)">getAuthenticationCacheKey</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#getAuthenticationCacheName()">getAuthenticationCacheName</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#getAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken)">getAuthenticationInfo</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#getAuthenticationTokenClass()">getAuthenticationTokenClass</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#getCredentialsMatcher()">getCredentialsMatcher</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#init()">init</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#isAuthenticationCachingEnabled()">isAuthenticationCachingEnabled</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#isAuthenticationCachingEnabled(org.apache.shiro.authc.AuthenticationToken, org.apache.shiro.authc.AuthenticationInfo)">isAuthenticationCachingEnabled</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#setAuthenticationCache(org.apache.shiro.cache.Cache)">setAuthenticationCache</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#setAuthenticationCacheName(java.lang.String)">setAuthenticationCacheName</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#setAuthenticationCachingEnabled(boolean)">setAuthenticationCachingEnabled</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#setAuthenticationTokenClass(java.lang.Class)">setAuthenticationTokenClass</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#setCredentialsMatcher(org.apache.shiro.authc.credential.CredentialsMatcher)">setCredentialsMatcher</A>, <A HREF="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#supports(org.apache.shiro.authc.AuthenticationToken)">supports</A></CODE></TD> |
| </TR> |
| </TABLE> |
| <A NAME="methods_inherited_from_class_org.apache.shiro.realm.CachingRealm"><!-- --></A> |
| <TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY=""> |
| <TR BGCOLOR="#EEEEFF" CLASS="TableSubHeadingColor"> |
| <TH ALIGN="left"><B>Methods inherited from class org.apache.shiro.realm.<A HREF="../../../../../org/apache/shiro/realm/CachingRealm.html" title="class in org.apache.shiro.realm">CachingRealm</A></B></TH> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD><CODE><A HREF="../../../../../org/apache/shiro/realm/CachingRealm.html#clearCache(org.apache.shiro.subject.PrincipalCollection)">clearCache</A>, <A HREF="../../../../../org/apache/shiro/realm/CachingRealm.html#getAvailablePrincipal(org.apache.shiro.subject.PrincipalCollection)">getAvailablePrincipal</A>, <A HREF="../../../../../org/apache/shiro/realm/CachingRealm.html#getCacheManager()">getCacheManager</A>, <A HREF="../../../../../org/apache/shiro/realm/CachingRealm.html#getName()">getName</A>, <A HREF="../../../../../org/apache/shiro/realm/CachingRealm.html#isCachingEnabled()">isCachingEnabled</A>, <A HREF="../../../../../org/apache/shiro/realm/CachingRealm.html#onLogout(org.apache.shiro.subject.PrincipalCollection)">onLogout</A>, <A HREF="../../../../../org/apache/shiro/realm/CachingRealm.html#setCacheManager(org.apache.shiro.cache.CacheManager)">setCacheManager</A>, <A HREF="../../../../../org/apache/shiro/realm/CachingRealm.html#setCachingEnabled(boolean)">setCachingEnabled</A></CODE></TD> |
| </TR> |
| </TABLE> |
| <A NAME="methods_inherited_from_class_java.lang.Object"><!-- --></A> |
| <TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY=""> |
| <TR BGCOLOR="#EEEEFF" CLASS="TableSubHeadingColor"> |
| <TH ALIGN="left"><B>Methods inherited from class java.lang.<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</A></B></TH> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD><CODE><A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#clone()" title="class or interface in java.lang">clone</A>, <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#equals(java.lang.Object)" title="class or interface in java.lang">equals</A>, <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#finalize()" title="class or interface in java.lang">finalize</A>, <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#getClass()" title="class or interface in java.lang">getClass</A>, <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#hashCode()" title="class or interface in java.lang">hashCode</A>, <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#notify()" title="class or interface in java.lang">notify</A>, <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#notifyAll()" title="class or interface in java.lang">notifyAll</A>, <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#toString()" title="class or interface in java.lang">toString</A>, <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#wait()" title="class or interface in java.lang">wait</A>, <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#wait(long)" title="class or interface in java.lang">wait</A>, <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#wait(long, int)" title="class or interface in java.lang">wait</A></CODE></TD> |
| </TR> |
| </TABLE> |
| <A NAME="methods_inherited_from_class_org.apache.shiro.util.Initializable"><!-- --></A> |
| <TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY=""> |
| <TR BGCOLOR="#EEEEFF" CLASS="TableSubHeadingColor"> |
| <TH ALIGN="left"><B>Methods inherited from interface org.apache.shiro.util.<A HREF="../../../../../org/apache/shiro/util/Initializable.html" title="interface in org.apache.shiro.util">Initializable</A></B></TH> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD><CODE><A HREF="../../../../../org/apache/shiro/util/Initializable.html#init()">init</A></CODE></TD> |
| </TR> |
| </TABLE> |
| |
| <P> |
| |
| <!-- ========= CONSTRUCTOR DETAIL ======== --> |
| |
| <A NAME="constructor_detail"><!-- --></A> |
| <TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY=""> |
| <TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor"> |
| <TH ALIGN="left" COLSPAN="1"><FONT SIZE="+2"> |
| <B>Constructor Detail</B></FONT></TH> |
| </TR> |
| </TABLE> |
| |
| <A NAME="JndiLdapRealm()"><!-- --></A><H3> |
| JndiLdapRealm</H3> |
| <PRE> |
| public <A HREF="../../../../../src-html/org/apache/shiro/realm/ldap/JndiLdapRealm.html#line.111"><B>JndiLdapRealm</B></A>()</PRE> |
| <DL> |
| <DD>Default no-argument constructor that defaults the internal <A HREF="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html" title="interface in org.apache.shiro.realm.ldap"><CODE>LdapContextFactory</CODE></A> instance to a |
| <A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapContextFactory.html" title="class in org.apache.shiro.realm.ldap"><CODE>JndiLdapContextFactory</CODE></A>. |
| <P> |
| </DL> |
| |
| <!-- ============ METHOD DETAIL ========== --> |
| |
| <A NAME="method_detail"><!-- --></A> |
| <TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY=""> |
| <TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor"> |
| <TH ALIGN="left" COLSPAN="1"><FONT SIZE="+2"> |
| <B>Method Detail</B></FONT></TH> |
| </TR> |
| </TABLE> |
| |
| <A NAME="getUserDnPrefix()"><!-- --></A><H3> |
| getUserDnPrefix</H3> |
| <PRE> |
| protected <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <A HREF="../../../../../src-html/org/apache/shiro/realm/ldap/JndiLdapRealm.html#line.131"><B>getUserDnPrefix</B></A>()</PRE> |
| <DL> |
| <DD>Returns the User DN prefix to use when building a runtime User DN value or <code>null</code> if no |
| <A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#getUserDnTemplate()"><CODE>userDnTemplate</CODE></A> has been configured. If configured, this value is the text that |
| occurs before the <A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#USERDN_SUBSTITUTION_TOKEN"><CODE>USERDN_SUBSTITUTION_TOKEN</CODE></A> in the <A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#getUserDnTemplate()"><CODE>userDnTemplate</CODE></A> value. |
| <P> |
| <DD><DL> |
| |
| <DT><B>Returns:</B><DD>the the User DN prefix to use when building a runtime User DN value or <code>null</code> if no |
| <A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#getUserDnTemplate()"><CODE>userDnTemplate</CODE></A> has been configured.</DL> |
| </DD> |
| </DL> |
| <HR> |
| |
| <A NAME="getUserDnSuffix()"><!-- --></A><H3> |
| getUserDnSuffix</H3> |
| <PRE> |
| protected <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <A HREF="../../../../../src-html/org/apache/shiro/realm/ldap/JndiLdapRealm.html#line.143"><B>getUserDnSuffix</B></A>()</PRE> |
| <DL> |
| <DD>Returns the User DN suffix to use when building a runtime User DN value. or <code>null</code> if no |
| <A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#getUserDnTemplate()"><CODE>userDnTemplate</CODE></A> has been configured. If configured, this value is the text that |
| occurs after the <A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#USERDN_SUBSTITUTION_TOKEN"><CODE>USERDN_SUBSTITUTION_TOKEN</CODE></A> in the <A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#getUserDnTemplate()"><CODE>userDnTemplate</CODE></A> value. |
| <P> |
| <DD><DL> |
| |
| <DT><B>Returns:</B><DD>the User DN suffix to use when building a runtime User DN value or <code>null</code> if no |
| <A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#getUserDnTemplate()"><CODE>userDnTemplate</CODE></A> has been configured.</DL> |
| </DD> |
| </DL> |
| <HR> |
| |
| <A NAME="setUserDnTemplate(java.lang.String)"><!-- --></A><H3> |
| setUserDnTemplate</H3> |
| <PRE> |
| public void <A HREF="../../../../../src-html/org/apache/shiro/realm/ldap/JndiLdapRealm.html#line.181"><B>setUserDnTemplate</B></A>(<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> template) |
| throws <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/IllegalArgumentException.html?is-external=true" title="class or interface in java.lang">IllegalArgumentException</A></PRE> |
| <DL> |
| <DD>Sets the User Distinguished Name (DN) template to use when creating User DNs at runtime. A User DN is an LDAP |
| fully-qualified unique user identifier which is required to establish a connection with the LDAP |
| directory to authenticate users and query for authorization information. |
| <h2>Usage</h2> |
| User DN formats are unique to the LDAP directory's schema, and each environment differs - you will need to |
| specify the format corresponding to your directory. You do this by specifying the full User DN as normal, but |
| but you use a <b><code>{0}</code></b> placeholder token in the string representing the location where the |
| user's submitted principal (usually a username or uid) will be substituted at runtime. |
| <p/> |
| For example, if your directory |
| uses an LDAP <code>uid</code> attribute to represent usernames, the User DN for the <code>jsmith</code> user may look like |
| this: |
| <p/> |
| <pre>uid=jsmith,ou=users,dc=mycompany,dc=com</pre> |
| <p/> |
| in which case you would set this property with the following template value: |
| <p/> |
| <pre>uid=<b>{0}</b>,ou=users,dc=mycompany,dc=com</pre> |
| <p/> |
| If no template is configured, the raw <code>AuthenticationToken</code> |
| <A HREF="../../../../../org/apache/shiro/authc/AuthenticationToken.html#getPrincipal()"><CODE>principal</CODE></A> will be used as the LDAP principal. This is likely |
| incorrect as most LDAP directories expect a fully-qualified User DN as opposed to the raw uid or username. So, |
| ensure you set this property to match your environment! |
| <P> |
| <DD><DL> |
| <DT><B>Parameters:</B><DD><CODE>template</CODE> - the User Distinguished Name template to use for runtime substitution |
| <DT><B>Throws:</B> |
| <DD><CODE><A HREF="http://java.sun.com/javase/6/docs/api/java/lang/IllegalArgumentException.html?is-external=true" title="class or interface in java.lang">IllegalArgumentException</A></CODE> - if the template is null, empty, or does not contain the |
| <code>{0}</code> substitution token.<DT><B>See Also:</B><DD><A HREF="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html#getLdapContext(java.lang.Object, java.lang.Object)"><CODE>LdapContextFactory.getLdapContext(Object,Object)</CODE></A></DL> |
| </DD> |
| </DL> |
| <HR> |
| |
| <A NAME="getUserDnTemplate()"><!-- --></A><H3> |
| getUserDnTemplate</H3> |
| <PRE> |
| public <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <A HREF="../../../../../src-html/org/apache/shiro/realm/ldap/JndiLdapRealm.html#line.208"><B>getUserDnTemplate</B></A>()</PRE> |
| <DL> |
| <DD>Returns the User Distinguished Name (DN) template to use when creating User DNs at runtime - see the |
| <A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#setUserDnTemplate(java.lang.String)"><CODE>setUserDnTemplate</CODE></A> JavaDoc for a full explanation. |
| <P> |
| <DD><DL> |
| |
| <DT><B>Returns:</B><DD>the User Distinguished Name (DN) template to use when creating User DNs at runtime.</DL> |
| </DD> |
| </DL> |
| <HR> |
| |
| <A NAME="getUserDn(java.lang.String)"><!-- --></A><H3> |
| getUserDn</H3> |
| <PRE> |
| protected <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <A HREF="../../../../../src-html/org/apache/shiro/realm/ldap/JndiLdapRealm.html#line.227"><B>getUserDn</B></A>(<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> principal) |
| throws <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/IllegalArgumentException.html?is-external=true" title="class or interface in java.lang">IllegalArgumentException</A>, |
| <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/IllegalStateException.html?is-external=true" title="class or interface in java.lang">IllegalStateException</A></PRE> |
| <DL> |
| <DD>Returns the LDAP User Distinguished Name (DN) to use when acquiring an |
| <A HREF="http://java.sun.com/javase/6/docs/api/javax/naming/ldap/LdapContext.html?is-external=true" title="class or interface in javax.naming.ldap"><CODE>LdapContext</CODE></A> from the <A HREF="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html" title="interface in org.apache.shiro.realm.ldap"><CODE>LdapContextFactory</CODE></A>. |
| <p/> |
| If the the <A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#getUserDnTemplate()"><CODE>userDnTemplate</CODE></A> property has been set, this implementation will construct |
| the User DN by substituting the specified <code>principal</code> into the configured template. If the |
| <A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#getUserDnTemplate()"><CODE>userDnTemplate</CODE></A> has not been set, the method argument will be returned directly |
| (indicating that the submitted authentication token principal <em>is</em> the User DN). |
| <P> |
| <DD><DL> |
| <DT><B>Parameters:</B><DD><CODE>principal</CODE> - the principal to substitute into the configured <A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#getUserDnTemplate()"><CODE>userDnTemplate</CODE></A>. |
| <DT><B>Returns:</B><DD>the constructed User DN to use at runtime when acquiring an <A HREF="http://java.sun.com/javase/6/docs/api/javax/naming/ldap/LdapContext.html?is-external=true" title="class or interface in javax.naming.ldap"><CODE>LdapContext</CODE></A>. |
| <DT><B>Throws:</B> |
| <DD><CODE><A HREF="http://java.sun.com/javase/6/docs/api/java/lang/IllegalArgumentException.html?is-external=true" title="class or interface in java.lang">IllegalArgumentException</A></CODE> - if the method argument is null or empty |
| <DD><CODE><A HREF="http://java.sun.com/javase/6/docs/api/java/lang/IllegalStateException.html?is-external=true" title="class or interface in java.lang">IllegalStateException</A></CODE> - if the <A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#getUserDnTemplate()"><CODE>userDnTemplate</CODE></A> has not been set.<DT><B>See Also:</B><DD><A HREF="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html#getLdapContext(java.lang.Object, java.lang.Object)"><CODE>LdapContextFactory.getLdapContext(Object, Object)</CODE></A></DL> |
| </DD> |
| </DL> |
| <HR> |
| |
| <A NAME="setContextFactory(org.apache.shiro.realm.ldap.LdapContextFactory)"><!-- --></A><H3> |
| setContextFactory</H3> |
| <PRE> |
| public void <A HREF="../../../../../src-html/org/apache/shiro/realm/ldap/JndiLdapRealm.html#line.262"><B>setContextFactory</B></A>(<A HREF="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html" title="interface in org.apache.shiro.realm.ldap">LdapContextFactory</A> contextFactory)</PRE> |
| <DL> |
| <DD>Sets the LdapContextFactory instance used to acquire connections to the LDAP directory during authentication |
| attempts and authorization queries. Unless specified otherwise, the default is a <A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapContextFactory.html" title="class in org.apache.shiro.realm.ldap"><CODE>JndiLdapContextFactory</CODE></A> |
| instance. |
| <P> |
| <DD><DL> |
| <DT><B>Parameters:</B><DD><CODE>contextFactory</CODE> - the LdapContextFactory instance used to acquire connections to the LDAP directory during |
| authentication attempts and authorization queries</DL> |
| </DD> |
| </DL> |
| <HR> |
| |
| <A NAME="getContextFactory()"><!-- --></A><H3> |
| getContextFactory</H3> |
| <PRE> |
| public <A HREF="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html" title="interface in org.apache.shiro.realm.ldap">LdapContextFactory</A> <A HREF="../../../../../src-html/org/apache/shiro/realm/ldap/JndiLdapRealm.html#line.274"><B>getContextFactory</B></A>()</PRE> |
| <DL> |
| <DD>Returns the LdapContextFactory instance used to acquire connections to the LDAP directory during authentication |
| attempts and authorization queries. Unless specified otherwise, the default is a <A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapContextFactory.html" title="class in org.apache.shiro.realm.ldap"><CODE>JndiLdapContextFactory</CODE></A> |
| instance. |
| <P> |
| <DD><DL> |
| |
| <DT><B>Returns:</B><DD>the LdapContextFactory instance used to acquire connections to the LDAP directory during |
| authentication attempts and authorization queries</DL> |
| </DD> |
| </DL> |
| <HR> |
| |
| <A NAME="doGetAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken)"><!-- --></A><H3> |
| doGetAuthenticationInfo</H3> |
| <PRE> |
| protected <A HREF="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc">AuthenticationInfo</A> <A HREF="../../../../../src-html/org/apache/shiro/realm/ldap/JndiLdapRealm.html#line.292"><B>doGetAuthenticationInfo</B></A>(<A HREF="../../../../../org/apache/shiro/authc/AuthenticationToken.html" title="interface in org.apache.shiro.authc">AuthenticationToken</A> token) |
| throws <A HREF="../../../../../org/apache/shiro/authc/AuthenticationException.html" title="class in org.apache.shiro.authc">AuthenticationException</A></PRE> |
| <DL> |
| <DD>Delegates to <A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#queryForAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken, org.apache.shiro.realm.ldap.LdapContextFactory)"><CODE>queryForAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken, LdapContextFactory)</CODE></A>, |
| wrapping any <A HREF="http://java.sun.com/javase/6/docs/api/javax/naming/NamingException.html?is-external=true" title="class or interface in javax.naming"><CODE>NamingException</CODE></A>s in a Shiro <A HREF="../../../../../org/apache/shiro/authc/AuthenticationException.html" title="class in org.apache.shiro.authc"><CODE>AuthenticationException</CODE></A> to satisfy the parent method |
| signature. |
| <P> |
| <DD><DL> |
| <DT><B>Specified by:</B><DD><CODE><A HREF="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#doGetAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken)">doGetAuthenticationInfo</A></CODE> in class <CODE><A HREF="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html" title="class in org.apache.shiro.realm">AuthenticatingRealm</A></CODE></DL> |
| </DD> |
| <DD><DL> |
| <DT><B>Parameters:</B><DD><CODE>token</CODE> - the authentication token containing the user's principal and credentials. |
| <DT><B>Returns:</B><DD>the <A HREF="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc"><CODE>AuthenticationInfo</CODE></A> acquired after a successful authentication attempt |
| <DT><B>Throws:</B> |
| <DD><CODE><A HREF="../../../../../org/apache/shiro/authc/AuthenticationException.html" title="class in org.apache.shiro.authc">AuthenticationException</A></CODE> - if the authentication attempt fails or if a |
| <A HREF="http://java.sun.com/javase/6/docs/api/javax/naming/NamingException.html?is-external=true" title="class or interface in javax.naming"><CODE>NamingException</CODE></A> occurs.</DL> |
| </DD> |
| </DL> |
| <HR> |
| |
| <A NAME="doGetAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection)"><!-- --></A><H3> |
| doGetAuthorizationInfo</H3> |
| <PRE> |
| protected <A HREF="../../../../../org/apache/shiro/authz/AuthorizationInfo.html" title="interface in org.apache.shiro.authz">AuthorizationInfo</A> <A HREF="../../../../../src-html/org/apache/shiro/realm/ldap/JndiLdapRealm.html#line.310"><B>doGetAuthorizationInfo</B></A>(<A HREF="../../../../../org/apache/shiro/subject/PrincipalCollection.html" title="interface in org.apache.shiro.subject">PrincipalCollection</A> principals)</PRE> |
| <DL> |
| <DD><B>Description copied from class: <CODE><A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#doGetAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection)">AuthorizingRealm</A></CODE></B></DD> |
| <DD>Retrieves the AuthorizationInfo for the given principals from the underlying data store. When returning |
| an instance from this method, you might want to consider using an instance of |
| <A HREF="../../../../../org/apache/shiro/authz/SimpleAuthorizationInfo.html" title="class in org.apache.shiro.authz"><CODE>SimpleAuthorizationInfo</CODE></A>, as it is suitable in most cases. |
| <P> |
| <DD><DL> |
| <DT><B>Specified by:</B><DD><CODE><A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#doGetAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection)">doGetAuthorizationInfo</A></CODE> in class <CODE><A HREF="../../../../../org/apache/shiro/realm/AuthorizingRealm.html" title="class in org.apache.shiro.realm">AuthorizingRealm</A></CODE></DL> |
| </DD> |
| <DD><DL> |
| <DT><B>Parameters:</B><DD><CODE>principals</CODE> - the primary identifying principals of the AuthorizationInfo that should be retrieved. |
| <DT><B>Returns:</B><DD>the AuthorizationInfo associated with this principals.<DT><B>See Also:</B><DD><A HREF="../../../../../org/apache/shiro/authz/SimpleAuthorizationInfo.html" title="class in org.apache.shiro.authz"><CODE>SimpleAuthorizationInfo</CODE></A></DL> |
| </DD> |
| </DL> |
| <HR> |
| |
| <A NAME="getLdapPrincipal(org.apache.shiro.authc.AuthenticationToken)"><!-- --></A><H3> |
| getLdapPrincipal</H3> |
| <PRE> |
| protected <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</A> <A HREF="../../../../../src-html/org/apache/shiro/realm/ldap/JndiLdapRealm.html#line.338"><B>getLdapPrincipal</B></A>(<A HREF="../../../../../org/apache/shiro/authc/AuthenticationToken.html" title="interface in org.apache.shiro.authc">AuthenticationToken</A> token)</PRE> |
| <DL> |
| <DD>Returns the principal to use when creating the LDAP connection for an authentication attempt. |
| <p/> |
| This implementation uses a heuristic: it checks to see if the specified token's |
| <A HREF="../../../../../org/apache/shiro/authc/AuthenticationToken.html#getPrincipal()"><CODE>principal</CODE></A> is a <code>String</code>, and if so, |
| <A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#getUserDn(java.lang.String)"><CODE>converts it</CODE></A> from what is |
| assumed to be a raw uid or username <code>String</code> into a User DN <code>String</code>. Almost all LDAP directories |
| expect the authentication connection to present a User DN and not an unqualified username or uid. |
| <p/> |
| If the token's <code>principal</code> is not a String, it is assumed to already be in the format supported by the |
| underlying <A HREF="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html" title="interface in org.apache.shiro.realm.ldap"><CODE>LdapContextFactory</CODE></A> implementation and the raw principal is returned directly. |
| <P> |
| <DD><DL> |
| <DT><B>Parameters:</B><DD><CODE>token</CODE> - the <A HREF="../../../../../org/apache/shiro/authc/AuthenticationToken.html" title="interface in org.apache.shiro.authc"><CODE>AuthenticationToken</CODE></A> submitted during the authentication process |
| <DT><B>Returns:</B><DD>the User DN or raw principal to use to acquire the LdapContext.<DT><B>See Also:</B><DD><A HREF="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html#getLdapContext(java.lang.Object, java.lang.Object)"><CODE>LdapContextFactory.getLdapContext(Object, Object)</CODE></A></DL> |
| </DD> |
| </DL> |
| <HR> |
| |
| <A NAME="queryForAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken, org.apache.shiro.realm.ldap.LdapContextFactory)"><!-- --></A><H3> |
| queryForAuthenticationInfo</H3> |
| <PRE> |
| protected <A HREF="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc">AuthenticationInfo</A> <A HREF="../../../../../src-html/org/apache/shiro/realm/ldap/JndiLdapRealm.html#line.362"><B>queryForAuthenticationInfo</B></A>(<A HREF="../../../../../org/apache/shiro/authc/AuthenticationToken.html" title="interface in org.apache.shiro.authc">AuthenticationToken</A> token, |
| <A HREF="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html" title="interface in org.apache.shiro.realm.ldap">LdapContextFactory</A> ldapContextFactory) |
| throws <A HREF="http://java.sun.com/javase/6/docs/api/javax/naming/NamingException.html?is-external=true" title="class or interface in javax.naming">NamingException</A></PRE> |
| <DL> |
| <DD>This implementation opens an LDAP connection using the token's |
| <A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#getLdapPrincipal(org.apache.shiro.authc.AuthenticationToken)"><CODE>discovered principal</CODE></A> and provided |
| <A HREF="../../../../../org/apache/shiro/authc/AuthenticationToken.html#getCredentials()"><CODE>credentials</CODE></A>. If the connection opens successfully, the |
| authentication attempt is immediately considered successful and a new |
| <A HREF="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc"><CODE>AuthenticationInfo</CODE></A> instance is |
| <A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html#createAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken, java.lang.Object, java.lang.Object, javax.naming.ldap.LdapContext)"><CODE>created</CODE></A> |
| and returned. If the connection cannot be opened, either because LDAP authentication failed or some other |
| JNDI problem, an <A HREF="http://java.sun.com/javase/6/docs/api/javax/naming/NamingException.html?is-external=true" title="class or interface in javax.naming"><CODE>NamingException</CODE></A> will be thrown. |
| <P> |
| <DD><DL> |
| <DT><B>Parameters:</B><DD><CODE>token</CODE> - the submitted authentication token that triggered the authentication attempt.<DD><CODE>ldapContextFactory</CODE> - factory used to retrieve LDAP connections. |
| <DT><B>Returns:</B><DD>an <A HREF="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc"><CODE>AuthenticationInfo</CODE></A> instance representing the authenticated user's information. |
| <DT><B>Throws:</B> |
| <DD><CODE><A HREF="http://java.sun.com/javase/6/docs/api/javax/naming/NamingException.html?is-external=true" title="class or interface in javax.naming">NamingException</A></CODE> - if any LDAP errors occur.</DL> |
| </DD> |
| </DL> |
| <HR> |
| |
| <A NAME="createAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken, java.lang.Object, java.lang.Object, javax.naming.ldap.LdapContext)"><!-- --></A><H3> |
| createAuthenticationInfo</H3> |
| <PRE> |
| protected <A HREF="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc">AuthenticationInfo</A> <A HREF="../../../../../src-html/org/apache/shiro/realm/ldap/JndiLdapRealm.html#line.409"><B>createAuthenticationInfo</B></A>(<A HREF="../../../../../org/apache/shiro/authc/AuthenticationToken.html" title="interface in org.apache.shiro.authc">AuthenticationToken</A> token, |
| <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</A> ldapPrincipal, |
| <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</A> ldapCredentials, |
| <A HREF="http://java.sun.com/javase/6/docs/api/javax/naming/ldap/LdapContext.html?is-external=true" title="class or interface in javax.naming.ldap">LdapContext</A> ldapContext) |
| throws <A HREF="http://java.sun.com/javase/6/docs/api/javax/naming/NamingException.html?is-external=true" title="class or interface in javax.naming">NamingException</A></PRE> |
| <DL> |
| <DD>Returns the <A HREF="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc"><CODE>AuthenticationInfo</CODE></A> resulting from a Subject's successful LDAP authentication attempt. |
| <p/> |
| This implementation ignores the <code>ldapPrincipal</code>, <code>ldapCredentials</code>, and the opened |
| <code>ldapContext</code> arguments and merely returns an <code>AuthenticationInfo</code> instance mirroring the |
| submitted token's principal and credentials. This is acceptable because this method is only ever invoked after |
| a successful authentication attempt, which means the provided principal and credentials were correct, and can |
| be used directly to populate the (now verified) <code>AuthenticationInfo</code>. |
| <p/> |
| Subclasses however are free to override this method for more advanced construction logic. |
| <P> |
| <DD><DL> |
| <DT><B>Parameters:</B><DD><CODE>token</CODE> - the submitted <code>AuthenticationToken</code> that resulted in a successful authentication<DD><CODE>ldapPrincipal</CODE> - the LDAP principal used when creating the LDAP connection. Unlike the token's |
| <A HREF="../../../../../org/apache/shiro/authc/AuthenticationToken.html#getPrincipal()"><CODE>principal</CODE></A>, this value is usually a constructed |
| User DN and not a simple username or uid. The exact value is depending on the |
| configured |
| <a href="http://download-llnw.oracle.com/javase/tutorial/jndi/ldap/auth_mechs.html"> |
| LDAP authentication mechanism</a> in use.<DD><CODE>ldapCredentials</CODE> - the LDAP credentials used when creating the LDAP connection.<DD><CODE>ldapContext</CODE> - the LdapContext created that resulted in a successful authentication. It can be used |
| further by subclasses for more complex operations. It does not need to be closed - |
| it will be closed automatically after this method returns. |
| <DT><B>Returns:</B><DD>the <A HREF="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc"><CODE>AuthenticationInfo</CODE></A> resulting from a Subject's successful LDAP authentication attempt. |
| <DT><B>Throws:</B> |
| <DD><CODE><A HREF="http://java.sun.com/javase/6/docs/api/javax/naming/NamingException.html?is-external=true" title="class or interface in javax.naming">NamingException</A></CODE> - if there was any problem using the <code>LdapContext</code></DL> |
| </DD> |
| </DL> |
| <HR> |
| |
| <A NAME="queryForAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection, org.apache.shiro.realm.ldap.LdapContextFactory)"><!-- --></A><H3> |
| queryForAuthorizationInfo</H3> |
| <PRE> |
| protected <A HREF="../../../../../org/apache/shiro/authz/AuthorizationInfo.html" title="interface in org.apache.shiro.authz">AuthorizationInfo</A> <A HREF="../../../../../src-html/org/apache/shiro/realm/ldap/JndiLdapRealm.html#line.426"><B>queryForAuthorizationInfo</B></A>(<A HREF="../../../../../org/apache/shiro/subject/PrincipalCollection.html" title="interface in org.apache.shiro.subject">PrincipalCollection</A> principals, |
| <A HREF="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html" title="interface in org.apache.shiro.realm.ldap">LdapContextFactory</A> ldapContextFactory) |
| throws <A HREF="http://java.sun.com/javase/6/docs/api/javax/naming/NamingException.html?is-external=true" title="class or interface in javax.naming">NamingException</A></PRE> |
| <DL> |
| <DD>Method that should be implemented by subclasses to build an |
| <A HREF="../../../../../org/apache/shiro/authz/AuthorizationInfo.html" title="interface in org.apache.shiro.authz"><CODE>AuthorizationInfo</CODE></A> object by querying the LDAP context for the |
| specified principal.</p> |
| <P> |
| <DD><DL> |
| <DT><B>Parameters:</B><DD><CODE>principals</CODE> - the principals of the Subject whose AuthenticationInfo should be queried from the LDAP server.<DD><CODE>ldapContextFactory</CODE> - factory used to retrieve LDAP connections. |
| <DT><B>Returns:</B><DD>an <A HREF="../../../../../org/apache/shiro/authz/AuthorizationInfo.html" title="interface in org.apache.shiro.authz"><CODE>AuthorizationInfo</CODE></A> instance containing information retrieved from the LDAP server. |
| <DT><B>Throws:</B> |
| <DD><CODE><A HREF="http://java.sun.com/javase/6/docs/api/javax/naming/NamingException.html?is-external=true" title="class or interface in javax.naming">NamingException</A></CODE> - if any LDAP errors occur during the search.</DL> |
| </DD> |
| </DL> |
| <!-- ========= END OF CLASS DATA ========= --> |
| <HR> |
| |
| |
| <!-- ======= START OF BOTTOM NAVBAR ====== --> |
| <A NAME="navbar_bottom"><!-- --></A> |
| <A HREF="#skip-navbar_bottom" title="Skip navigation links"></A> |
| <TABLE BORDER="0" WIDTH="100%" CELLPADDING="1" CELLSPACING="0" SUMMARY=""> |
| <TR> |
| <TD COLSPAN=2 BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> |
| <A NAME="navbar_bottom_firstrow"><!-- --></A> |
| <TABLE BORDER="0" CELLPADDING="0" CELLSPACING="3" SUMMARY=""> |
| <TR ALIGN="center" VALIGN="top"> |
| <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../../overview-summary.html"><FONT CLASS="NavBarFont1"><B>Overview</B></FONT></A> </TD> |
| <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="package-summary.html"><FONT CLASS="NavBarFont1"><B>Package</B></FONT></A> </TD> |
| <TD BGCOLOR="#FFFFFF" CLASS="NavBarCell1Rev"> <FONT CLASS="NavBarFont1Rev"><B>Class</B></FONT> </TD> |
| <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="class-use/JndiLdapRealm.html"><FONT CLASS="NavBarFont1"><B>Use</B></FONT></A> </TD> |
| <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="package-tree.html"><FONT CLASS="NavBarFont1"><B>Tree</B></FONT></A> </TD> |
| <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../../deprecated-list.html"><FONT CLASS="NavBarFont1"><B>Deprecated</B></FONT></A> </TD> |
| <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../../index-all.html"><FONT CLASS="NavBarFont1"><B>Index</B></FONT></A> </TD> |
| <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../../help-doc.html"><FONT CLASS="NavBarFont1"><B>Help</B></FONT></A> </TD> |
| </TR> |
| </TABLE> |
| </TD> |
| <TD ALIGN="right" VALIGN="top" ROWSPAN=3><EM> |
| </EM> |
| </TD> |
| </TR> |
| |
| <TR> |
| <TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2"> |
| <A HREF="../../../../../org/apache/shiro/realm/ldap/JndiLdapContextFactory.html" title="class in org.apache.shiro.realm.ldap"><B>PREV CLASS</B></A> |
| <A HREF="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html" title="interface in org.apache.shiro.realm.ldap"><B>NEXT CLASS</B></A></FONT></TD> |
| <TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2"> |
| <A HREF="../../../../../index.html?org/apache/shiro/realm/ldap/JndiLdapRealm.html" target="_top"><B>FRAMES</B></A> |
| <A HREF="JndiLdapRealm.html" target="_top"><B>NO FRAMES</B></A> |
| <SCRIPT type="text/javascript"> |
| <!-- |
| if(window==top) { |
| document.writeln('<A HREF="../../../../../allclasses-noframe.html"><B>All Classes</B></A>'); |
| } |
| //--> |
| </SCRIPT> |
| <NOSCRIPT> |
| <A HREF="../../../../../allclasses-noframe.html"><B>All Classes</B></A> |
| </NOSCRIPT> |
| |
| |
| </FONT></TD> |
| </TR> |
| <TR> |
| <TD VALIGN="top" CLASS="NavBarCell3"><FONT SIZE="-2"> |
| SUMMARY: NESTED | FIELD | <A HREF="#constructor_summary">CONSTR</A> | <A HREF="#method_summary">METHOD</A></FONT></TD> |
| <TD VALIGN="top" CLASS="NavBarCell3"><FONT SIZE="-2"> |
| DETAIL: FIELD | <A HREF="#constructor_detail">CONSTR</A> | <A HREF="#method_detail">METHOD</A></FONT></TD> |
| </TR> |
| </TABLE> |
| <A NAME="skip-navbar_bottom"></A> |
| <!-- ======== END OF BOTTOM NAVBAR ======= --> |
| |
| <HR> |
| Copyright © 2004-2016 <a href="http://www.apache.org/">The Apache Software Foundation</a>. All Rights Reserved. |
| </BODY> |
| </HTML> |