| <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> |
| <!-- NewPage --> |
| <html lang="fr"> |
| <head> |
| <!-- Generated by javadoc (1.8.0_77) on Sun May 14 11:51:27 CEST 2017 --> |
| <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> |
| <title>DefaultLdapRealm (Apache Shiro 1.4.0 API)</title> |
| <meta name="date" content="2017-05-14"> |
| <link rel="stylesheet" type="text/css" href="../../../../../stylesheet.css" title="Style"> |
| <script type="text/javascript" src="../../../../../script.js"></script> |
| </head> |
| <body> |
| <script type="text/javascript"><!-- |
| try { |
| if (location.href.indexOf('is-external=true') == -1) { |
| parent.document.title="DefaultLdapRealm (Apache Shiro 1.4.0 API)"; |
| } |
| } |
| catch(err) { |
| } |
| //--> |
| var methods = {"i0":10,"i1":10,"i2":10,"i3":10,"i4":10,"i5":10,"i6":10,"i7":10,"i8":10,"i9":10,"i10":10,"i11":10,"i12":10}; |
| var tabs = {65535:["t0","All Methods"],2:["t2","Instance Methods"],8:["t4","Concrete Methods"]}; |
| var altColor = "altColor"; |
| var rowColor = "rowColor"; |
| var tableTab = "tableTab"; |
| var activeTableTab = "activeTableTab"; |
| </script> |
| <noscript> |
| <div>JavaScript is disabled on your browser.</div> |
| </noscript> |
| |
| <!-- ========= START OF TOP NAVBAR ======= --> |
| <div class="topNav"><a name="navbar.top"> |
| <!-- --> |
| </a> |
| <div class="skipNav"><a href="#skip.navbar.top" title="Skip navigation links">Skip navigation links</a></div> |
| <a name="navbar.top.firstrow"> |
| <!-- --> |
| </a> |
| <ul class="navList" title="Navigation"> |
| <li><a href="../../../../../overview-summary.html">Overview</a></li> |
| <li><a href="package-summary.html">Package</a></li> |
| <li class="navBarCell1Rev">Class</li> |
| <li><a href="class-use/DefaultLdapRealm.html">Use</a></li> |
| <li><a href="package-tree.html">Tree</a></li> |
| <li><a href="../../../../../deprecated-list.html">Deprecated</a></li> |
| <li><a href="../../../../../index-all.html">Index</a></li> |
| <li><a href="../../../../../help-doc.html">Help</a></li> |
| </ul> |
| </div> |
| <div class="subNav"> |
| <ul class="navList"> |
| <li><a href="../../../../../org/apache/shiro/realm/ldap/DefaultLdapContextFactory.html" title="class in org.apache.shiro.realm.ldap"><span class="typeNameLink">Prev Class</span></a></li> |
| <li><a href="../../../../../org/apache/shiro/realm/ldap/JndiLdapContextFactory.html" title="class in org.apache.shiro.realm.ldap"><span class="typeNameLink">Next Class</span></a></li> |
| </ul> |
| <ul class="navList"> |
| <li><a href="../../../../../index.html?org/apache/shiro/realm/ldap/DefaultLdapRealm.html" target="_top">Frames</a></li> |
| <li><a href="DefaultLdapRealm.html" target="_top">No Frames</a></li> |
| </ul> |
| <ul class="navList" id="allclasses_navbar_top"> |
| <li><a href="../../../../../allclasses-noframe.html">All Classes</a></li> |
| </ul> |
| <div> |
| <script type="text/javascript"><!-- |
| allClassesLink = document.getElementById("allclasses_navbar_top"); |
| if(window==top) { |
| allClassesLink.style.display = "block"; |
| } |
| else { |
| allClassesLink.style.display = "none"; |
| } |
| //--> |
| </script> |
| </div> |
| <div> |
| <ul class="subNavList"> |
| <li>Summary: </li> |
| <li>Nested | </li> |
| <li>Field | </li> |
| <li><a href="#constructor.summary">Constr</a> | </li> |
| <li><a href="#method.summary">Method</a></li> |
| </ul> |
| <ul class="subNavList"> |
| <li>Detail: </li> |
| <li>Field | </li> |
| <li><a href="#constructor.detail">Constr</a> | </li> |
| <li><a href="#method.detail">Method</a></li> |
| </ul> |
| </div> |
| <a name="skip.navbar.top"> |
| <!-- --> |
| </a></div> |
| <!-- ========= END OF TOP NAVBAR ========= --> |
| <!-- ======== START OF CLASS DATA ======== --> |
| <div class="header"> |
| <div class="subTitle">org.apache.shiro.realm.ldap</div> |
| <h2 title="Class DefaultLdapRealm" class="title">Class DefaultLdapRealm</h2> |
| </div> |
| <div class="contentContainer"> |
| <ul class="inheritance"> |
| <li><a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">java.lang.Object</a></li> |
| <li> |
| <ul class="inheritance"> |
| <li><a href="../../../../../org/apache/shiro/realm/CachingRealm.html" title="class in org.apache.shiro.realm">org.apache.shiro.realm.CachingRealm</a></li> |
| <li> |
| <ul class="inheritance"> |
| <li><a href="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html" title="class in org.apache.shiro.realm">org.apache.shiro.realm.AuthenticatingRealm</a></li> |
| <li> |
| <ul class="inheritance"> |
| <li><a href="../../../../../org/apache/shiro/realm/AuthorizingRealm.html" title="class in org.apache.shiro.realm">org.apache.shiro.realm.AuthorizingRealm</a></li> |
| <li> |
| <ul class="inheritance"> |
| <li>org.apache.shiro.realm.ldap.DefaultLdapRealm</li> |
| </ul> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| <div class="description"> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <dl> |
| <dt>All Implemented Interfaces:</dt> |
| <dd><a href="../../../../../org/apache/shiro/authc/LogoutAware.html" title="interface in org.apache.shiro.authc">LogoutAware</a>, <a href="../../../../../org/apache/shiro/authz/Authorizer.html" title="interface in org.apache.shiro.authz">Authorizer</a>, <a href="../../../../../org/apache/shiro/authz/permission/PermissionResolverAware.html" title="interface in org.apache.shiro.authz.permission">PermissionResolverAware</a>, <a href="../../../../../org/apache/shiro/authz/permission/RolePermissionResolverAware.html" title="interface in org.apache.shiro.authz.permission">RolePermissionResolverAware</a>, <a href="../../../../../org/apache/shiro/cache/CacheManagerAware.html" title="interface in org.apache.shiro.cache">CacheManagerAware</a>, <a href="../../../../../org/apache/shiro/realm/Realm.html" title="interface in org.apache.shiro.realm">Realm</a>, <a href="../../../../../org/apache/shiro/util/Initializable.html" title="interface in org.apache.shiro.util">Initializable</a>, <a href="../../../../../org/apache/shiro/util/Nameable.html" title="interface in org.apache.shiro.util">Nameable</a></dd> |
| </dl> |
| <dl> |
| <dt>Direct Known Subclasses:</dt> |
| <dd><a href="../../../../../org/apache/shiro/realm/ldap/JndiLdapRealm.html" title="class in org.apache.shiro.realm.ldap">JndiLdapRealm</a></dd> |
| </dl> |
| <hr> |
| <br> |
| <pre>public class <a href="../../../../../src-html/org/apache/shiro/realm/ldap/DefaultLdapRealm.html#line.84">DefaultLdapRealm</a> |
| extends <a href="../../../../../org/apache/shiro/realm/AuthorizingRealm.html" title="class in org.apache.shiro.realm">AuthorizingRealm</a></pre> |
| <div class="block">An LDAP <a href="../../../../../org/apache/shiro/realm/Realm.html" title="interface in org.apache.shiro.realm"><code>Realm</code></a> implementation utilizing Sun's/Oracle's |
| <a href="http://download-llnw.oracle.com/javase/tutorial/jndi/ldap/jndi.html">JNDI API as an LDAP API</a>. This is |
| Shiro's default implementation for supporting LDAP, as using the JNDI API has been a common approach for Java LDAP |
| support for many years. |
| <p/> |
| This realm implementation and its backing <a href="../../../../../org/apache/shiro/realm/ldap/JndiLdapContextFactory.html" title="class in org.apache.shiro.realm.ldap"><code>JndiLdapContextFactory</code></a> should cover 99% of all Shiro-related LDAP |
| authentication and authorization needs. However, if it does not suit your needs, you might want to look into |
| creating your own realm using an alternative, perhaps more robust, LDAP communication API, such as the |
| <a href="http://directory.apache.org/api/">Apache LDAP API</a>. |
| <h2>Authentication</h2> |
| During an authentication attempt, if the submitted <code>AuthenticationToken</code>'s |
| <a href="../../../../../org/apache/shiro/authc/AuthenticationToken.html#getPrincipal--"><code>principal</code></a> is a simple username, but the |
| LDAP directory expects a complete User Distinguished Name (User DN) to establish a connection, the |
| <a href="../../../../../org/apache/shiro/realm/ldap/DefaultLdapRealm.html#setUserDnTemplate-java.lang.String-"><code>userDnTemplate</code></a> property must be configured. If not configured, |
| the property will pass the simple username directly as the User DN, which is often incorrect in most LDAP |
| environments (maybe Microsoft ActiveDirectory being the exception). |
| <h2>Authorization</h2> |
| By default, authorization is effectively disabled due to the default |
| <a href="../../../../../org/apache/shiro/realm/ldap/DefaultLdapRealm.html#doGetAuthorizationInfo-org.apache.shiro.subject.PrincipalCollection-"><code>doGetAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection)</code></a> implementation returning <code>null</code>. |
| If you wish to perform authorization based on an LDAP schema, you must subclass this one |
| and override that method to reflect your organization's data model. |
| <h2>Configuration</h2> |
| This class primarily provides the <a href="../../../../../org/apache/shiro/realm/ldap/DefaultLdapRealm.html#setUserDnTemplate-java.lang.String-"><code>userDnTemplate</code></a> property to allow you to specify |
| the your LDAP server's User DN format. Most other configuration is performed via the nested |
| <a href="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html" title="interface in org.apache.shiro.realm.ldap"><code>contextFactory</code></a> property. |
| <p/> |
| For example, defining this realm in Shiro .ini: |
| <pre> |
| [main] |
| ldapRealm = org.apache.shiro.realm.ldap.DefaultLdapRealm |
| ldapRealm.userDnTemplate = uid={0},ou=users,dc=mycompany,dc=com |
| ldapRealm.contextFactory.url = ldap://ldapHost:389 |
| ldapRealm.contextFactory.authenticationMechanism = DIGEST-MD5 |
| ldapRealm.contextFactory.environment[some.obscure.jndi.key] = some value |
| ... |
| </pre> |
| The default <a href="../../../../../org/apache/shiro/realm/ldap/DefaultLdapRealm.html#setContextFactory-org.apache.shiro.realm.ldap.LdapContextFactory-"><code>contextFactory</code></a> instance is a <a href="../../../../../org/apache/shiro/realm/ldap/JndiLdapContextFactory.html" title="class in org.apache.shiro.realm.ldap"><code>JndiLdapContextFactory</code></a>. See that |
| class's JavaDoc for more information on configuring the LDAP connection as well as specifying JNDI environment |
| properties as necessary.</div> |
| <dl> |
| <dt><span class="simpleTagLabel">Since:</span></dt> |
| <dd>1.3</dd> |
| <dt><span class="seeLabel">See Also:</span></dt> |
| <dd><a href="../../../../../org/apache/shiro/realm/ldap/JndiLdapContextFactory.html" title="class in org.apache.shiro.realm.ldap"><code>JndiLdapContextFactory</code></a></dd> |
| </dl> |
| </li> |
| </ul> |
| </div> |
| <div class="summary"> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <!-- ======== CONSTRUCTOR SUMMARY ======== --> |
| <ul class="blockList"> |
| <li class="blockList"><a name="constructor.summary"> |
| <!-- --> |
| </a> |
| <h3>Constructor Summary</h3> |
| <table class="memberSummary" border="0" cellpadding="3" cellspacing="0" summary="Constructor Summary table, listing constructors, and an explanation"> |
| <caption><span>Constructors</span><span class="tabEnd"> </span></caption> |
| <tr> |
| <th class="colOne" scope="col">Constructor and Description</th> |
| </tr> |
| <tr class="altColor"> |
| <td class="colOne"><code><span class="memberNameLink"><a href="../../../../../org/apache/shiro/realm/ldap/DefaultLdapRealm.html#DefaultLdapRealm--">DefaultLdapRealm</a></span>()</code> |
| <div class="block">Default no-argument constructor that defaults the internal <a href="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html" title="interface in org.apache.shiro.realm.ldap"><code>LdapContextFactory</code></a> instance to a |
| <a href="../../../../../org/apache/shiro/realm/ldap/JndiLdapContextFactory.html" title="class in org.apache.shiro.realm.ldap"><code>JndiLdapContextFactory</code></a>.</div> |
| </td> |
| </tr> |
| </table> |
| </li> |
| </ul> |
| <!-- ========== METHOD SUMMARY =========== --> |
| <ul class="blockList"> |
| <li class="blockList"><a name="method.summary"> |
| <!-- --> |
| </a> |
| <h3>Method Summary</h3> |
| <table class="memberSummary" border="0" cellpadding="3" cellspacing="0" summary="Method Summary table, listing methods, and an explanation"> |
| <caption><span id="t0" class="activeTableTab"><span>All Methods</span><span class="tabEnd"> </span></span><span id="t2" class="tableTab"><span><a href="javascript:show(2);">Instance Methods</a></span><span class="tabEnd"> </span></span><span id="t4" class="tableTab"><span><a href="javascript:show(8);">Concrete Methods</a></span><span class="tabEnd"> </span></span></caption> |
| <tr> |
| <th class="colFirst" scope="col">Modifier and Type</th> |
| <th class="colLast" scope="col">Method and Description</th> |
| </tr> |
| <tr id="i0" class="altColor"> |
| <td class="colFirst"><code>protected <a href="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc">AuthenticationInfo</a></code></td> |
| <td class="colLast"><code><span class="memberNameLink"><a href="../../../../../org/apache/shiro/realm/ldap/DefaultLdapRealm.html#createAuthenticationInfo-org.apache.shiro.authc.AuthenticationToken-java.lang.Object-java.lang.Object-javax.naming.ldap.LdapContext-">createAuthenticationInfo</a></span>(<a href="../../../../../org/apache/shiro/authc/AuthenticationToken.html" title="interface in org.apache.shiro.authc">AuthenticationToken</a> token, |
| <a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</a> ldapPrincipal, |
| <a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</a> ldapCredentials, |
| <a href="http://java.sun.com/javase/6/docs/api/javax/naming/ldap/LdapContext.html?is-external=true" title="class or interface in javax.naming.ldap">LdapContext</a> ldapContext)</code> |
| <div class="block">Returns the <a href="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc"><code>AuthenticationInfo</code></a> resulting from a Subject's successful LDAP authentication attempt.</div> |
| </td> |
| </tr> |
| <tr id="i1" class="rowColor"> |
| <td class="colFirst"><code>protected <a href="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc">AuthenticationInfo</a></code></td> |
| <td class="colLast"><code><span class="memberNameLink"><a href="../../../../../org/apache/shiro/realm/ldap/DefaultLdapRealm.html#doGetAuthenticationInfo-org.apache.shiro.authc.AuthenticationToken-">doGetAuthenticationInfo</a></span>(<a href="../../../../../org/apache/shiro/authc/AuthenticationToken.html" title="interface in org.apache.shiro.authc">AuthenticationToken</a> token)</code> |
| <div class="block">Delegates to <a href="../../../../../org/apache/shiro/realm/ldap/DefaultLdapRealm.html#queryForAuthenticationInfo-org.apache.shiro.authc.AuthenticationToken-org.apache.shiro.realm.ldap.LdapContextFactory-"><code>queryForAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken, LdapContextFactory)</code></a>, |
| wrapping any <a href="http://java.sun.com/javase/6/docs/api/javax/naming/NamingException.html?is-external=true" title="class or interface in javax.naming"><code>NamingException</code></a>s in a Shiro <a href="../../../../../org/apache/shiro/authc/AuthenticationException.html" title="class in org.apache.shiro.authc"><code>AuthenticationException</code></a> to satisfy the parent method |
| signature.</div> |
| </td> |
| </tr> |
| <tr id="i2" class="altColor"> |
| <td class="colFirst"><code>protected <a href="../../../../../org/apache/shiro/authz/AuthorizationInfo.html" title="interface in org.apache.shiro.authz">AuthorizationInfo</a></code></td> |
| <td class="colLast"><code><span class="memberNameLink"><a href="../../../../../org/apache/shiro/realm/ldap/DefaultLdapRealm.html#doGetAuthorizationInfo-org.apache.shiro.subject.PrincipalCollection-">doGetAuthorizationInfo</a></span>(<a href="../../../../../org/apache/shiro/subject/PrincipalCollection.html" title="interface in org.apache.shiro.subject">PrincipalCollection</a> principals)</code> |
| <div class="block">Retrieves the AuthorizationInfo for the given principals from the underlying data store.</div> |
| </td> |
| </tr> |
| <tr id="i3" class="rowColor"> |
| <td class="colFirst"><code><a href="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html" title="interface in org.apache.shiro.realm.ldap">LdapContextFactory</a></code></td> |
| <td class="colLast"><code><span class="memberNameLink"><a href="../../../../../org/apache/shiro/realm/ldap/DefaultLdapRealm.html#getContextFactory--">getContextFactory</a></span>()</code> |
| <div class="block">Returns the LdapContextFactory instance used to acquire connections to the LDAP directory during authentication |
| attempts and authorization queries.</div> |
| </td> |
| </tr> |
| <tr id="i4" class="altColor"> |
| <td class="colFirst"><code>protected <a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</a></code></td> |
| <td class="colLast"><code><span class="memberNameLink"><a href="../../../../../org/apache/shiro/realm/ldap/DefaultLdapRealm.html#getLdapPrincipal-org.apache.shiro.authc.AuthenticationToken-">getLdapPrincipal</a></span>(<a href="../../../../../org/apache/shiro/authc/AuthenticationToken.html" title="interface in org.apache.shiro.authc">AuthenticationToken</a> token)</code> |
| <div class="block">Returns the principal to use when creating the LDAP connection for an authentication attempt.</div> |
| </td> |
| </tr> |
| <tr id="i5" class="rowColor"> |
| <td class="colFirst"><code>protected <a href="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a></code></td> |
| <td class="colLast"><code><span class="memberNameLink"><a href="../../../../../org/apache/shiro/realm/ldap/DefaultLdapRealm.html#getUserDn-java.lang.String-">getUserDn</a></span>(<a href="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a> principal)</code> |
| <div class="block">Returns the LDAP User Distinguished Name (DN) to use when acquiring an |
| <a href="http://java.sun.com/javase/6/docs/api/javax/naming/ldap/LdapContext.html?is-external=true" title="class or interface in javax.naming.ldap"><code>LdapContext</code></a> from the <a href="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html" title="interface in org.apache.shiro.realm.ldap"><code>LdapContextFactory</code></a>.</div> |
| </td> |
| </tr> |
| <tr id="i6" class="altColor"> |
| <td class="colFirst"><code>protected <a href="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a></code></td> |
| <td class="colLast"><code><span class="memberNameLink"><a href="../../../../../org/apache/shiro/realm/ldap/DefaultLdapRealm.html#getUserDnPrefix--">getUserDnPrefix</a></span>()</code> |
| <div class="block">Returns the User DN prefix to use when building a runtime User DN value or <code>null</code> if no |
| <a href="../../../../../org/apache/shiro/realm/ldap/DefaultLdapRealm.html#getUserDnTemplate--"><code>userDnTemplate</code></a> has been configured.</div> |
| </td> |
| </tr> |
| <tr id="i7" class="rowColor"> |
| <td class="colFirst"><code>protected <a href="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a></code></td> |
| <td class="colLast"><code><span class="memberNameLink"><a href="../../../../../org/apache/shiro/realm/ldap/DefaultLdapRealm.html#getUserDnSuffix--">getUserDnSuffix</a></span>()</code> |
| <div class="block">Returns the User DN suffix to use when building a runtime User DN value.</div> |
| </td> |
| </tr> |
| <tr id="i8" class="altColor"> |
| <td class="colFirst"><code><a href="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a></code></td> |
| <td class="colLast"><code><span class="memberNameLink"><a href="../../../../../org/apache/shiro/realm/ldap/DefaultLdapRealm.html#getUserDnTemplate--">getUserDnTemplate</a></span>()</code> |
| <div class="block">Returns the User Distinguished Name (DN) template to use when creating User DNs at runtime - see the |
| <a href="../../../../../org/apache/shiro/realm/ldap/DefaultLdapRealm.html#setUserDnTemplate-java.lang.String-"><code>setUserDnTemplate</code></a> JavaDoc for a full explanation.</div> |
| </td> |
| </tr> |
| <tr id="i9" class="rowColor"> |
| <td class="colFirst"><code>protected <a href="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc">AuthenticationInfo</a></code></td> |
| <td class="colLast"><code><span class="memberNameLink"><a href="../../../../../org/apache/shiro/realm/ldap/DefaultLdapRealm.html#queryForAuthenticationInfo-org.apache.shiro.authc.AuthenticationToken-org.apache.shiro.realm.ldap.LdapContextFactory-">queryForAuthenticationInfo</a></span>(<a href="../../../../../org/apache/shiro/authc/AuthenticationToken.html" title="interface in org.apache.shiro.authc">AuthenticationToken</a> token, |
| <a href="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html" title="interface in org.apache.shiro.realm.ldap">LdapContextFactory</a> ldapContextFactory)</code> |
| <div class="block">This implementation opens an LDAP connection using the token's |
| <a href="../../../../../org/apache/shiro/realm/ldap/DefaultLdapRealm.html#getLdapPrincipal-org.apache.shiro.authc.AuthenticationToken-"><code>discovered principal</code></a> and provided |
| <a href="../../../../../org/apache/shiro/authc/AuthenticationToken.html#getCredentials--"><code>credentials</code></a>.</div> |
| </td> |
| </tr> |
| <tr id="i10" class="altColor"> |
| <td class="colFirst"><code>protected <a href="../../../../../org/apache/shiro/authz/AuthorizationInfo.html" title="interface in org.apache.shiro.authz">AuthorizationInfo</a></code></td> |
| <td class="colLast"><code><span class="memberNameLink"><a href="../../../../../org/apache/shiro/realm/ldap/DefaultLdapRealm.html#queryForAuthorizationInfo-org.apache.shiro.subject.PrincipalCollection-org.apache.shiro.realm.ldap.LdapContextFactory-">queryForAuthorizationInfo</a></span>(<a href="../../../../../org/apache/shiro/subject/PrincipalCollection.html" title="interface in org.apache.shiro.subject">PrincipalCollection</a> principals, |
| <a href="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html" title="interface in org.apache.shiro.realm.ldap">LdapContextFactory</a> ldapContextFactory)</code> |
| <div class="block">Method that should be implemented by subclasses to build an |
| <a href="../../../../../org/apache/shiro/authz/AuthorizationInfo.html" title="interface in org.apache.shiro.authz"><code>AuthorizationInfo</code></a> object by querying the LDAP context for the |
| specified principal.</div> |
| </td> |
| </tr> |
| <tr id="i11" class="rowColor"> |
| <td class="colFirst"><code>void</code></td> |
| <td class="colLast"><code><span class="memberNameLink"><a href="../../../../../org/apache/shiro/realm/ldap/DefaultLdapRealm.html#setContextFactory-org.apache.shiro.realm.ldap.LdapContextFactory-">setContextFactory</a></span>(<a href="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html" title="interface in org.apache.shiro.realm.ldap">LdapContextFactory</a> contextFactory)</code> |
| <div class="block">Sets the LdapContextFactory instance used to acquire connections to the LDAP directory during authentication |
| attempts and authorization queries.</div> |
| </td> |
| </tr> |
| <tr id="i12" class="altColor"> |
| <td class="colFirst"><code>void</code></td> |
| <td class="colLast"><code><span class="memberNameLink"><a href="../../../../../org/apache/shiro/realm/ldap/DefaultLdapRealm.html#setUserDnTemplate-java.lang.String-">setUserDnTemplate</a></span>(<a href="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a> template)</code> |
| <div class="block">Sets the User Distinguished Name (DN) template to use when creating User DNs at runtime.</div> |
| </td> |
| </tr> |
| </table> |
| <ul class="blockList"> |
| <li class="blockList"><a name="methods.inherited.from.class.org.apache.shiro.realm.AuthorizingRealm"> |
| <!-- --> |
| </a> |
| <h3>Methods inherited from class org.apache.shiro.realm.<a href="../../../../../org/apache/shiro/realm/AuthorizingRealm.html" title="class in org.apache.shiro.realm">AuthorizingRealm</a></h3> |
| <code><a href="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#afterCacheManagerSet--">afterCacheManagerSet</a>, <a href="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#checkPermission-org.apache.shiro.authz.Permission-org.apache.shiro.authz.AuthorizationInfo-">checkPermission</a>, <a href="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#checkPermission-org.apache.shiro.subject.PrincipalCollection-org.apache.shiro.authz.Permission-">checkPermission</a>, <a href="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#checkPermission-org.apache.shiro.subject.PrincipalCollection-java.lang.String-">checkPermission</a>, <a href="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#checkPermissions-java.util.Collection-org.apache.shiro.authz.AuthorizationInfo-">checkPermissions</a>, <a href="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#checkPermissions-org.apache.shiro.subject.PrincipalCollection-java.util.Collection-">checkPermissions</a>, <a href="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#checkPermissions-org.apache.shiro.subject.PrincipalCollection-java.lang.String...-">checkPermissions</a>, <a href="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#checkRole-org.apache.shiro.subject.PrincipalCollection-java.lang.String-">checkRole</a>, <a href="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#checkRole-java.lang.String-org.apache.shiro.authz.AuthorizationInfo-">checkRole</a>, <a href="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#checkRoles-java.util.Collection-org.apache.shiro.authz.AuthorizationInfo-">checkRoles</a>, <a href="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#checkRoles-org.apache.shiro.subject.PrincipalCollection-java.util.Collection-">checkRoles</a>, <a href="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#checkRoles-org.apache.shiro.subject.PrincipalCollection-java.lang.String...-">checkRoles</a>, <a href="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#clearCachedAuthorizationInfo-org.apache.shiro.subject.PrincipalCollection-">clearCachedAuthorizationInfo</a>, <a href="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#doClearCache-org.apache.shiro.subject.PrincipalCollection-">doClearCache</a>, <a href="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#getAuthorizationCache--">getAuthorizationCache</a>, <a href="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#getAuthorizationCacheKey-org.apache.shiro.subject.PrincipalCollection-">getAuthorizationCacheKey</a>, <a href="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#getAuthorizationCacheName--">getAuthorizationCacheName</a>, <a href="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#getAuthorizationInfo-org.apache.shiro.subject.PrincipalCollection-">getAuthorizationInfo</a>, <a href="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#getPermissionResolver--">getPermissionResolver</a>, <a href="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#getPermissions-org.apache.shiro.authz.AuthorizationInfo-">getPermissions</a>, <a href="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#getRolePermissionResolver--">getRolePermissionResolver</a>, <a href="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#hasAllRoles-org.apache.shiro.subject.PrincipalCollection-java.util.Collection-">hasAllRoles</a>, <a href="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#hasRole-org.apache.shiro.subject.PrincipalCollection-java.lang.String-">hasRole</a>, <a href="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#hasRole-java.lang.String-org.apache.shiro.authz.AuthorizationInfo-">hasRole</a>, <a href="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#hasRoles-java.util.List-org.apache.shiro.authz.AuthorizationInfo-">hasRoles</a>, <a href="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#hasRoles-org.apache.shiro.subject.PrincipalCollection-java.util.List-">hasRoles</a>, <a href="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#isAuthorizationCachingEnabled--">isAuthorizationCachingEnabled</a>, <a href="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#isPermitted-java.util.List-org.apache.shiro.authz.AuthorizationInfo-">isPermitted</a>, <a href="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#isPermitted-org.apache.shiro.authz.Permission-org.apache.shiro.authz.AuthorizationInfo-">isPermitted</a>, <a href="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#isPermitted-org.apache.shiro.subject.PrincipalCollection-java.util.List-">isPermitted</a>, <a href="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#isPermitted-org.apache.shiro.subject.PrincipalCollection-org.apache.shiro.authz.Permission-">isPermitted</a>, <a href="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#isPermitted-org.apache.shiro.subject.PrincipalCollection-java.lang.String...-">isPermitted</a>, <a href="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#isPermitted-org.apache.shiro.subject.PrincipalCollection-java.lang.String-">isPermitted</a>, <a href="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#isPermittedAll-java.util.Collection-org.apache.shiro.authz.AuthorizationInfo-">isPermittedAll</a>, <a href="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#isPermittedAll-org.apache.shiro.subject.PrincipalCollection-java.util.Collection-">isPermittedAll</a>, <a href="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#isPermittedAll-org.apache.shiro.subject.PrincipalCollection-java.lang.String...-">isPermittedAll</a>, <a href="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#onInit--">onInit</a>, <a href="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#setAuthorizationCache-org.apache.shiro.cache.Cache-">setAuthorizationCache</a>, <a href="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#setAuthorizationCacheName-java.lang.String-">setAuthorizationCacheName</a>, <a href="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#setAuthorizationCachingEnabled-boolean-">setAuthorizationCachingEnabled</a>, <a href="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#setName-java.lang.String-">setName</a>, <a href="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#setPermissionResolver-org.apache.shiro.authz.permission.PermissionResolver-">setPermissionResolver</a>, <a href="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#setRolePermissionResolver-org.apache.shiro.authz.permission.RolePermissionResolver-">setRolePermissionResolver</a></code></li> |
| </ul> |
| <ul class="blockList"> |
| <li class="blockList"><a name="methods.inherited.from.class.org.apache.shiro.realm.AuthenticatingRealm"> |
| <!-- --> |
| </a> |
| <h3>Methods inherited from class org.apache.shiro.realm.<a href="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html" title="class in org.apache.shiro.realm">AuthenticatingRealm</a></h3> |
| <code><a href="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#assertCredentialsMatch-org.apache.shiro.authc.AuthenticationToken-org.apache.shiro.authc.AuthenticationInfo-">assertCredentialsMatch</a>, <a href="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#clearCachedAuthenticationInfo-org.apache.shiro.subject.PrincipalCollection-">clearCachedAuthenticationInfo</a>, <a href="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#getAuthenticationCache--">getAuthenticationCache</a>, <a href="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#getAuthenticationCacheKey-org.apache.shiro.authc.AuthenticationToken-">getAuthenticationCacheKey</a>, <a href="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#getAuthenticationCacheKey-org.apache.shiro.subject.PrincipalCollection-">getAuthenticationCacheKey</a>, <a href="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#getAuthenticationCacheName--">getAuthenticationCacheName</a>, <a href="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#getAuthenticationInfo-org.apache.shiro.authc.AuthenticationToken-">getAuthenticationInfo</a>, <a href="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#getAuthenticationTokenClass--">getAuthenticationTokenClass</a>, <a href="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#getCredentialsMatcher--">getCredentialsMatcher</a>, <a href="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#init--">init</a>, <a href="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#isAuthenticationCachingEnabled--">isAuthenticationCachingEnabled</a>, <a href="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#isAuthenticationCachingEnabled-org.apache.shiro.authc.AuthenticationToken-org.apache.shiro.authc.AuthenticationInfo-">isAuthenticationCachingEnabled</a>, <a href="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#setAuthenticationCache-org.apache.shiro.cache.Cache-">setAuthenticationCache</a>, <a href="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#setAuthenticationCacheName-java.lang.String-">setAuthenticationCacheName</a>, <a href="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#setAuthenticationCachingEnabled-boolean-">setAuthenticationCachingEnabled</a>, <a href="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#setAuthenticationTokenClass-java.lang.Class-">setAuthenticationTokenClass</a>, <a href="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#setCredentialsMatcher-org.apache.shiro.authc.credential.CredentialsMatcher-">setCredentialsMatcher</a>, <a href="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#supports-org.apache.shiro.authc.AuthenticationToken-">supports</a></code></li> |
| </ul> |
| <ul class="blockList"> |
| <li class="blockList"><a name="methods.inherited.from.class.org.apache.shiro.realm.CachingRealm"> |
| <!-- --> |
| </a> |
| <h3>Methods inherited from class org.apache.shiro.realm.<a href="../../../../../org/apache/shiro/realm/CachingRealm.html" title="class in org.apache.shiro.realm">CachingRealm</a></h3> |
| <code><a href="../../../../../org/apache/shiro/realm/CachingRealm.html#clearCache-org.apache.shiro.subject.PrincipalCollection-">clearCache</a>, <a href="../../../../../org/apache/shiro/realm/CachingRealm.html#getAvailablePrincipal-org.apache.shiro.subject.PrincipalCollection-">getAvailablePrincipal</a>, <a href="../../../../../org/apache/shiro/realm/CachingRealm.html#getCacheManager--">getCacheManager</a>, <a href="../../../../../org/apache/shiro/realm/CachingRealm.html#getName--">getName</a>, <a href="../../../../../org/apache/shiro/realm/CachingRealm.html#isCachingEnabled--">isCachingEnabled</a>, <a href="../../../../../org/apache/shiro/realm/CachingRealm.html#onLogout-org.apache.shiro.subject.PrincipalCollection-">onLogout</a>, <a href="../../../../../org/apache/shiro/realm/CachingRealm.html#setCacheManager-org.apache.shiro.cache.CacheManager-">setCacheManager</a>, <a href="../../../../../org/apache/shiro/realm/CachingRealm.html#setCachingEnabled-boolean-">setCachingEnabled</a></code></li> |
| </ul> |
| <ul class="blockList"> |
| <li class="blockList"><a name="methods.inherited.from.class.java.lang.Object"> |
| <!-- --> |
| </a> |
| <h3>Methods inherited from class java.lang.<a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</a></h3> |
| <code><a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#clone--" title="class or interface in java.lang">clone</a>, <a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#equals-java.lang.Object-" title="class or interface in java.lang">equals</a>, <a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#finalize--" title="class or interface in java.lang">finalize</a>, <a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#getClass--" title="class or interface in java.lang">getClass</a>, <a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#hashCode--" title="class or interface in java.lang">hashCode</a>, <a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#notify--" title="class or interface in java.lang">notify</a>, <a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#notifyAll--" title="class or interface in java.lang">notifyAll</a>, <a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#toString--" title="class or interface in java.lang">toString</a>, <a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#wait--" title="class or interface in java.lang">wait</a>, <a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#wait-long-" title="class or interface in java.lang">wait</a>, <a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#wait-long-int-" title="class or interface in java.lang">wait</a></code></li> |
| </ul> |
| <ul class="blockList"> |
| <li class="blockList"><a name="methods.inherited.from.class.org.apache.shiro.util.Initializable"> |
| <!-- --> |
| </a> |
| <h3>Methods inherited from interface org.apache.shiro.util.<a href="../../../../../org/apache/shiro/util/Initializable.html" title="interface in org.apache.shiro.util">Initializable</a></h3> |
| <code><a href="../../../../../org/apache/shiro/util/Initializable.html#init--">init</a></code></li> |
| </ul> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| </div> |
| <div class="details"> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <!-- ========= CONSTRUCTOR DETAIL ======== --> |
| <ul class="blockList"> |
| <li class="blockList"><a name="constructor.detail"> |
| <!-- --> |
| </a> |
| <h3>Constructor Detail</h3> |
| <a name="DefaultLdapRealm--"> |
| <!-- --> |
| </a> |
| <ul class="blockListLast"> |
| <li class="blockList"> |
| <h4>DefaultLdapRealm</h4> |
| <pre>public <a href="../../../../../src-html/org/apache/shiro/realm/ldap/DefaultLdapRealm.html#line.111">DefaultLdapRealm</a>()</pre> |
| <div class="block">Default no-argument constructor that defaults the internal <a href="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html" title="interface in org.apache.shiro.realm.ldap"><code>LdapContextFactory</code></a> instance to a |
| <a href="../../../../../org/apache/shiro/realm/ldap/JndiLdapContextFactory.html" title="class in org.apache.shiro.realm.ldap"><code>JndiLdapContextFactory</code></a>.</div> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| <!-- ============ METHOD DETAIL ========== --> |
| <ul class="blockList"> |
| <li class="blockList"><a name="method.detail"> |
| <!-- --> |
| </a> |
| <h3>Method Detail</h3> |
| <a name="getUserDnPrefix--"> |
| <!-- --> |
| </a> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <h4>getUserDnPrefix</h4> |
| <pre>protected <a href="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a> <a href="../../../../../src-html/org/apache/shiro/realm/ldap/DefaultLdapRealm.html#line.131">getUserDnPrefix</a>()</pre> |
| <div class="block">Returns the User DN prefix to use when building a runtime User DN value or <code>null</code> if no |
| <a href="../../../../../org/apache/shiro/realm/ldap/DefaultLdapRealm.html#getUserDnTemplate--"><code>userDnTemplate</code></a> has been configured. If configured, this value is the text that |
| occurs before the <a href="../../../../../org/apache/shiro/realm/ldap/DefaultLdapRealm.html#USERDN_SUBSTITUTION_TOKEN"><code>USERDN_SUBSTITUTION_TOKEN</code></a> in the <a href="../../../../../org/apache/shiro/realm/ldap/DefaultLdapRealm.html#getUserDnTemplate--"><code>userDnTemplate</code></a> value.</div> |
| <dl> |
| <dt><span class="returnLabel">Returns:</span></dt> |
| <dd>the the User DN prefix to use when building a runtime User DN value or <code>null</code> if no |
| <a href="../../../../../org/apache/shiro/realm/ldap/DefaultLdapRealm.html#getUserDnTemplate--"><code>userDnTemplate</code></a> has been configured.</dd> |
| </dl> |
| </li> |
| </ul> |
| <a name="getUserDnSuffix--"> |
| <!-- --> |
| </a> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <h4>getUserDnSuffix</h4> |
| <pre>protected <a href="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a> <a href="../../../../../src-html/org/apache/shiro/realm/ldap/DefaultLdapRealm.html#line.143">getUserDnSuffix</a>()</pre> |
| <div class="block">Returns the User DN suffix to use when building a runtime User DN value. or <code>null</code> if no |
| <a href="../../../../../org/apache/shiro/realm/ldap/DefaultLdapRealm.html#getUserDnTemplate--"><code>userDnTemplate</code></a> has been configured. If configured, this value is the text that |
| occurs after the <a href="../../../../../org/apache/shiro/realm/ldap/DefaultLdapRealm.html#USERDN_SUBSTITUTION_TOKEN"><code>USERDN_SUBSTITUTION_TOKEN</code></a> in the <a href="../../../../../org/apache/shiro/realm/ldap/DefaultLdapRealm.html#getUserDnTemplate--"><code>userDnTemplate</code></a> value.</div> |
| <dl> |
| <dt><span class="returnLabel">Returns:</span></dt> |
| <dd>the User DN suffix to use when building a runtime User DN value or <code>null</code> if no |
| <a href="../../../../../org/apache/shiro/realm/ldap/DefaultLdapRealm.html#getUserDnTemplate--"><code>userDnTemplate</code></a> has been configured.</dd> |
| </dl> |
| </li> |
| </ul> |
| <a name="setUserDnTemplate-java.lang.String-"> |
| <!-- --> |
| </a> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <h4>setUserDnTemplate</h4> |
| <pre>public void <a href="../../../../../src-html/org/apache/shiro/realm/ldap/DefaultLdapRealm.html#line.181">setUserDnTemplate</a>(<a href="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a> template) |
| throws <a href="http://java.sun.com/javase/6/docs/api/java/lang/IllegalArgumentException.html?is-external=true" title="class or interface in java.lang">IllegalArgumentException</a></pre> |
| <div class="block">Sets the User Distinguished Name (DN) template to use when creating User DNs at runtime. A User DN is an LDAP |
| fully-qualified unique user identifier which is required to establish a connection with the LDAP |
| directory to authenticate users and query for authorization information. |
| <h2>Usage</h2> |
| User DN formats are unique to the LDAP directory's schema, and each environment differs - you will need to |
| specify the format corresponding to your directory. You do this by specifying the full User DN as normal, but |
| but you use a <b><code>{0}</code></b> placeholder token in the string representing the location where the |
| user's submitted principal (usually a username or uid) will be substituted at runtime. |
| <p/> |
| For example, if your directory |
| uses an LDAP <code>uid</code> attribute to represent usernames, the User DN for the <code>jsmith</code> user may look like |
| this: |
| <p/> |
| <pre>uid=jsmith,ou=users,dc=mycompany,dc=com</pre> |
| <p/> |
| in which case you would set this property with the following template value: |
| <p/> |
| <pre>uid=<b>{0}</b>,ou=users,dc=mycompany,dc=com</pre> |
| <p/> |
| If no template is configured, the raw <code>AuthenticationToken</code> |
| <a href="../../../../../org/apache/shiro/authc/AuthenticationToken.html#getPrincipal--"><code>principal</code></a> will be used as the LDAP principal. This is likely |
| incorrect as most LDAP directories expect a fully-qualified User DN as opposed to the raw uid or username. So, |
| ensure you set this property to match your environment!</div> |
| <dl> |
| <dt><span class="paramLabel">Parameters:</span></dt> |
| <dd><code>template</code> - the User Distinguished Name template to use for runtime substitution</dd> |
| <dt><span class="throwsLabel">Throws:</span></dt> |
| <dd><code><a href="http://java.sun.com/javase/6/docs/api/java/lang/IllegalArgumentException.html?is-external=true" title="class or interface in java.lang">IllegalArgumentException</a></code> - if the template is null, empty, or does not contain the |
| <code>{0}</code> substitution token.</dd> |
| <dt><span class="seeLabel">See Also:</span></dt> |
| <dd><a href="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html#getLdapContext-java.lang.Object-java.lang.Object-"><code>LdapContextFactory.getLdapContext(Object,Object)</code></a></dd> |
| </dl> |
| </li> |
| </ul> |
| <a name="getUserDnTemplate--"> |
| <!-- --> |
| </a> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <h4>getUserDnTemplate</h4> |
| <pre>public <a href="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a> <a href="../../../../../src-html/org/apache/shiro/realm/ldap/DefaultLdapRealm.html#line.208">getUserDnTemplate</a>()</pre> |
| <div class="block">Returns the User Distinguished Name (DN) template to use when creating User DNs at runtime - see the |
| <a href="../../../../../org/apache/shiro/realm/ldap/DefaultLdapRealm.html#setUserDnTemplate-java.lang.String-"><code>setUserDnTemplate</code></a> JavaDoc for a full explanation.</div> |
| <dl> |
| <dt><span class="returnLabel">Returns:</span></dt> |
| <dd>the User Distinguished Name (DN) template to use when creating User DNs at runtime.</dd> |
| </dl> |
| </li> |
| </ul> |
| <a name="getUserDn-java.lang.String-"> |
| <!-- --> |
| </a> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <h4>getUserDn</h4> |
| <pre>protected <a href="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a> <a href="../../../../../src-html/org/apache/shiro/realm/ldap/DefaultLdapRealm.html#line.227">getUserDn</a>(<a href="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a> principal) |
| throws <a href="http://java.sun.com/javase/6/docs/api/java/lang/IllegalArgumentException.html?is-external=true" title="class or interface in java.lang">IllegalArgumentException</a>, |
| <a href="http://java.sun.com/javase/6/docs/api/java/lang/IllegalStateException.html?is-external=true" title="class or interface in java.lang">IllegalStateException</a></pre> |
| <div class="block">Returns the LDAP User Distinguished Name (DN) to use when acquiring an |
| <a href="http://java.sun.com/javase/6/docs/api/javax/naming/ldap/LdapContext.html?is-external=true" title="class or interface in javax.naming.ldap"><code>LdapContext</code></a> from the <a href="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html" title="interface in org.apache.shiro.realm.ldap"><code>LdapContextFactory</code></a>. |
| <p/> |
| If the the <a href="../../../../../org/apache/shiro/realm/ldap/DefaultLdapRealm.html#getUserDnTemplate--"><code>userDnTemplate</code></a> property has been set, this implementation will construct |
| the User DN by substituting the specified <code>principal</code> into the configured template. If the |
| <a href="../../../../../org/apache/shiro/realm/ldap/DefaultLdapRealm.html#getUserDnTemplate--"><code>userDnTemplate</code></a> has not been set, the method argument will be returned directly |
| (indicating that the submitted authentication token principal <em>is</em> the User DN).</div> |
| <dl> |
| <dt><span class="paramLabel">Parameters:</span></dt> |
| <dd><code>principal</code> - the principal to substitute into the configured <a href="../../../../../org/apache/shiro/realm/ldap/DefaultLdapRealm.html#getUserDnTemplate--"><code>userDnTemplate</code></a>.</dd> |
| <dt><span class="returnLabel">Returns:</span></dt> |
| <dd>the constructed User DN to use at runtime when acquiring an <a href="http://java.sun.com/javase/6/docs/api/javax/naming/ldap/LdapContext.html?is-external=true" title="class or interface in javax.naming.ldap"><code>LdapContext</code></a>.</dd> |
| <dt><span class="throwsLabel">Throws:</span></dt> |
| <dd><code><a href="http://java.sun.com/javase/6/docs/api/java/lang/IllegalArgumentException.html?is-external=true" title="class or interface in java.lang">IllegalArgumentException</a></code> - if the method argument is null or empty</dd> |
| <dd><code><a href="http://java.sun.com/javase/6/docs/api/java/lang/IllegalStateException.html?is-external=true" title="class or interface in java.lang">IllegalStateException</a></code> - if the <a href="../../../../../org/apache/shiro/realm/ldap/DefaultLdapRealm.html#getUserDnTemplate--"><code>userDnTemplate</code></a> has not been set.</dd> |
| <dt><span class="seeLabel">See Also:</span></dt> |
| <dd><a href="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html#getLdapContext-java.lang.Object-java.lang.Object-"><code>LdapContextFactory.getLdapContext(Object, Object)</code></a></dd> |
| </dl> |
| </li> |
| </ul> |
| <a name="setContextFactory-org.apache.shiro.realm.ldap.LdapContextFactory-"> |
| <!-- --> |
| </a> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <h4>setContextFactory</h4> |
| <pre>public void <a href="../../../../../src-html/org/apache/shiro/realm/ldap/DefaultLdapRealm.html#line.262">setContextFactory</a>(<a href="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html" title="interface in org.apache.shiro.realm.ldap">LdapContextFactory</a> contextFactory)</pre> |
| <div class="block">Sets the LdapContextFactory instance used to acquire connections to the LDAP directory during authentication |
| attempts and authorization queries. Unless specified otherwise, the default is a <a href="../../../../../org/apache/shiro/realm/ldap/JndiLdapContextFactory.html" title="class in org.apache.shiro.realm.ldap"><code>JndiLdapContextFactory</code></a> |
| instance.</div> |
| <dl> |
| <dt><span class="paramLabel">Parameters:</span></dt> |
| <dd><code>contextFactory</code> - the LdapContextFactory instance used to acquire connections to the LDAP directory during |
| authentication attempts and authorization queries</dd> |
| </dl> |
| </li> |
| </ul> |
| <a name="getContextFactory--"> |
| <!-- --> |
| </a> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <h4>getContextFactory</h4> |
| <pre>public <a href="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html" title="interface in org.apache.shiro.realm.ldap">LdapContextFactory</a> <a href="../../../../../src-html/org/apache/shiro/realm/ldap/DefaultLdapRealm.html#line.274">getContextFactory</a>()</pre> |
| <div class="block">Returns the LdapContextFactory instance used to acquire connections to the LDAP directory during authentication |
| attempts and authorization queries. Unless specified otherwise, the default is a <a href="../../../../../org/apache/shiro/realm/ldap/JndiLdapContextFactory.html" title="class in org.apache.shiro.realm.ldap"><code>JndiLdapContextFactory</code></a> |
| instance.</div> |
| <dl> |
| <dt><span class="returnLabel">Returns:</span></dt> |
| <dd>the LdapContextFactory instance used to acquire connections to the LDAP directory during |
| authentication attempts and authorization queries</dd> |
| </dl> |
| </li> |
| </ul> |
| <a name="doGetAuthenticationInfo-org.apache.shiro.authc.AuthenticationToken-"> |
| <!-- --> |
| </a> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <h4>doGetAuthenticationInfo</h4> |
| <pre>protected <a href="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc">AuthenticationInfo</a> <a href="../../../../../src-html/org/apache/shiro/realm/ldap/DefaultLdapRealm.html#line.292">doGetAuthenticationInfo</a>(<a href="../../../../../org/apache/shiro/authc/AuthenticationToken.html" title="interface in org.apache.shiro.authc">AuthenticationToken</a> token) |
| throws <a href="../../../../../org/apache/shiro/authc/AuthenticationException.html" title="class in org.apache.shiro.authc">AuthenticationException</a></pre> |
| <div class="block">Delegates to <a href="../../../../../org/apache/shiro/realm/ldap/DefaultLdapRealm.html#queryForAuthenticationInfo-org.apache.shiro.authc.AuthenticationToken-org.apache.shiro.realm.ldap.LdapContextFactory-"><code>queryForAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken, LdapContextFactory)</code></a>, |
| wrapping any <a href="http://java.sun.com/javase/6/docs/api/javax/naming/NamingException.html?is-external=true" title="class or interface in javax.naming"><code>NamingException</code></a>s in a Shiro <a href="../../../../../org/apache/shiro/authc/AuthenticationException.html" title="class in org.apache.shiro.authc"><code>AuthenticationException</code></a> to satisfy the parent method |
| signature.</div> |
| <dl> |
| <dt><span class="overrideSpecifyLabel">Specified by:</span></dt> |
| <dd><code><a href="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html#doGetAuthenticationInfo-org.apache.shiro.authc.AuthenticationToken-">doGetAuthenticationInfo</a></code> in class <code><a href="../../../../../org/apache/shiro/realm/AuthenticatingRealm.html" title="class in org.apache.shiro.realm">AuthenticatingRealm</a></code></dd> |
| <dt><span class="paramLabel">Parameters:</span></dt> |
| <dd><code>token</code> - the authentication token containing the user's principal and credentials.</dd> |
| <dt><span class="returnLabel">Returns:</span></dt> |
| <dd>the <a href="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc"><code>AuthenticationInfo</code></a> acquired after a successful authentication attempt</dd> |
| <dt><span class="throwsLabel">Throws:</span></dt> |
| <dd><code><a href="../../../../../org/apache/shiro/authc/AuthenticationException.html" title="class in org.apache.shiro.authc">AuthenticationException</a></code> - if the authentication attempt fails or if a |
| <a href="http://java.sun.com/javase/6/docs/api/javax/naming/NamingException.html?is-external=true" title="class or interface in javax.naming"><code>NamingException</code></a> occurs.</dd> |
| </dl> |
| </li> |
| </ul> |
| <a name="doGetAuthorizationInfo-org.apache.shiro.subject.PrincipalCollection-"> |
| <!-- --> |
| </a> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <h4>doGetAuthorizationInfo</h4> |
| <pre>protected <a href="../../../../../org/apache/shiro/authz/AuthorizationInfo.html" title="interface in org.apache.shiro.authz">AuthorizationInfo</a> <a href="../../../../../src-html/org/apache/shiro/realm/ldap/DefaultLdapRealm.html#line.310">doGetAuthorizationInfo</a>(<a href="../../../../../org/apache/shiro/subject/PrincipalCollection.html" title="interface in org.apache.shiro.subject">PrincipalCollection</a> principals)</pre> |
| <div class="block"><span class="descfrmTypeLabel">Description copied from class: <code><a href="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#doGetAuthorizationInfo-org.apache.shiro.subject.PrincipalCollection-">AuthorizingRealm</a></code></span></div> |
| <div class="block">Retrieves the AuthorizationInfo for the given principals from the underlying data store. When returning |
| an instance from this method, you might want to consider using an instance of |
| <a href="../../../../../org/apache/shiro/authz/SimpleAuthorizationInfo.html" title="class in org.apache.shiro.authz"><code>SimpleAuthorizationInfo</code></a>, as it is suitable in most cases.</div> |
| <dl> |
| <dt><span class="overrideSpecifyLabel">Specified by:</span></dt> |
| <dd><code><a href="../../../../../org/apache/shiro/realm/AuthorizingRealm.html#doGetAuthorizationInfo-org.apache.shiro.subject.PrincipalCollection-">doGetAuthorizationInfo</a></code> in class <code><a href="../../../../../org/apache/shiro/realm/AuthorizingRealm.html" title="class in org.apache.shiro.realm">AuthorizingRealm</a></code></dd> |
| <dt><span class="paramLabel">Parameters:</span></dt> |
| <dd><code>principals</code> - the primary identifying principals of the AuthorizationInfo that should be retrieved.</dd> |
| <dt><span class="returnLabel">Returns:</span></dt> |
| <dd>the AuthorizationInfo associated with this principals.</dd> |
| <dt><span class="seeLabel">See Also:</span></dt> |
| <dd><a href="../../../../../org/apache/shiro/authz/SimpleAuthorizationInfo.html" title="class in org.apache.shiro.authz"><code>SimpleAuthorizationInfo</code></a></dd> |
| </dl> |
| </li> |
| </ul> |
| <a name="getLdapPrincipal-org.apache.shiro.authc.AuthenticationToken-"> |
| <!-- --> |
| </a> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <h4>getLdapPrincipal</h4> |
| <pre>protected <a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</a> <a href="../../../../../src-html/org/apache/shiro/realm/ldap/DefaultLdapRealm.html#line.338">getLdapPrincipal</a>(<a href="../../../../../org/apache/shiro/authc/AuthenticationToken.html" title="interface in org.apache.shiro.authc">AuthenticationToken</a> token)</pre> |
| <div class="block">Returns the principal to use when creating the LDAP connection for an authentication attempt. |
| <p/> |
| This implementation uses a heuristic: it checks to see if the specified token's |
| <a href="../../../../../org/apache/shiro/authc/AuthenticationToken.html#getPrincipal--"><code>principal</code></a> is a <code>String</code>, and if so, |
| <a href="../../../../../org/apache/shiro/realm/ldap/DefaultLdapRealm.html#getUserDn-java.lang.String-"><code>converts it</code></a> from what is |
| assumed to be a raw uid or username <code>String</code> into a User DN <code>String</code>. Almost all LDAP directories |
| expect the authentication connection to present a User DN and not an unqualified username or uid. |
| <p/> |
| If the token's <code>principal</code> is not a String, it is assumed to already be in the format supported by the |
| underlying <a href="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html" title="interface in org.apache.shiro.realm.ldap"><code>LdapContextFactory</code></a> implementation and the raw principal is returned directly.</div> |
| <dl> |
| <dt><span class="paramLabel">Parameters:</span></dt> |
| <dd><code>token</code> - the <a href="../../../../../org/apache/shiro/authc/AuthenticationToken.html" title="interface in org.apache.shiro.authc"><code>AuthenticationToken</code></a> submitted during the authentication process</dd> |
| <dt><span class="returnLabel">Returns:</span></dt> |
| <dd>the User DN or raw principal to use to acquire the LdapContext.</dd> |
| <dt><span class="seeLabel">See Also:</span></dt> |
| <dd><a href="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html#getLdapContext-java.lang.Object-java.lang.Object-"><code>LdapContextFactory.getLdapContext(Object, Object)</code></a></dd> |
| </dl> |
| </li> |
| </ul> |
| <a name="queryForAuthenticationInfo-org.apache.shiro.authc.AuthenticationToken-org.apache.shiro.realm.ldap.LdapContextFactory-"> |
| <!-- --> |
| </a> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <h4>queryForAuthenticationInfo</h4> |
| <pre>protected <a href="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc">AuthenticationInfo</a> <a href="../../../../../src-html/org/apache/shiro/realm/ldap/DefaultLdapRealm.html#line.362">queryForAuthenticationInfo</a>(<a href="../../../../../org/apache/shiro/authc/AuthenticationToken.html" title="interface in org.apache.shiro.authc">AuthenticationToken</a> token, |
| <a href="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html" title="interface in org.apache.shiro.realm.ldap">LdapContextFactory</a> ldapContextFactory) |
| throws <a href="http://java.sun.com/javase/6/docs/api/javax/naming/NamingException.html?is-external=true" title="class or interface in javax.naming">NamingException</a></pre> |
| <div class="block">This implementation opens an LDAP connection using the token's |
| <a href="../../../../../org/apache/shiro/realm/ldap/DefaultLdapRealm.html#getLdapPrincipal-org.apache.shiro.authc.AuthenticationToken-"><code>discovered principal</code></a> and provided |
| <a href="../../../../../org/apache/shiro/authc/AuthenticationToken.html#getCredentials--"><code>credentials</code></a>. If the connection opens successfully, the |
| authentication attempt is immediately considered successful and a new |
| <a href="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc"><code>AuthenticationInfo</code></a> instance is |
| <a href="../../../../../org/apache/shiro/realm/ldap/DefaultLdapRealm.html#createAuthenticationInfo-org.apache.shiro.authc.AuthenticationToken-java.lang.Object-java.lang.Object-javax.naming.ldap.LdapContext-"><code>created</code></a> |
| and returned. If the connection cannot be opened, either because LDAP authentication failed or some other |
| JNDI problem, an <a href="http://java.sun.com/javase/6/docs/api/javax/naming/NamingException.html?is-external=true" title="class or interface in javax.naming"><code>NamingException</code></a> will be thrown.</div> |
| <dl> |
| <dt><span class="paramLabel">Parameters:</span></dt> |
| <dd><code>token</code> - the submitted authentication token that triggered the authentication attempt.</dd> |
| <dd><code>ldapContextFactory</code> - factory used to retrieve LDAP connections.</dd> |
| <dt><span class="returnLabel">Returns:</span></dt> |
| <dd>an <a href="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc"><code>AuthenticationInfo</code></a> instance representing the authenticated user's information.</dd> |
| <dt><span class="throwsLabel">Throws:</span></dt> |
| <dd><code><a href="http://java.sun.com/javase/6/docs/api/javax/naming/NamingException.html?is-external=true" title="class or interface in javax.naming">NamingException</a></code> - if any LDAP errors occur.</dd> |
| </dl> |
| </li> |
| </ul> |
| <a name="createAuthenticationInfo-org.apache.shiro.authc.AuthenticationToken-java.lang.Object-java.lang.Object-javax.naming.ldap.LdapContext-"> |
| <!-- --> |
| </a> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <h4>createAuthenticationInfo</h4> |
| <pre>protected <a href="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc">AuthenticationInfo</a> <a href="../../../../../src-html/org/apache/shiro/realm/ldap/DefaultLdapRealm.html#line.409">createAuthenticationInfo</a>(<a href="../../../../../org/apache/shiro/authc/AuthenticationToken.html" title="interface in org.apache.shiro.authc">AuthenticationToken</a> token, |
| <a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</a> ldapPrincipal, |
| <a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</a> ldapCredentials, |
| <a href="http://java.sun.com/javase/6/docs/api/javax/naming/ldap/LdapContext.html?is-external=true" title="class or interface in javax.naming.ldap">LdapContext</a> ldapContext) |
| throws <a href="http://java.sun.com/javase/6/docs/api/javax/naming/NamingException.html?is-external=true" title="class or interface in javax.naming">NamingException</a></pre> |
| <div class="block">Returns the <a href="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc"><code>AuthenticationInfo</code></a> resulting from a Subject's successful LDAP authentication attempt. |
| <p/> |
| This implementation ignores the <code>ldapPrincipal</code>, <code>ldapCredentials</code>, and the opened |
| <code>ldapContext</code> arguments and merely returns an <code>AuthenticationInfo</code> instance mirroring the |
| submitted token's principal and credentials. This is acceptable because this method is only ever invoked after |
| a successful authentication attempt, which means the provided principal and credentials were correct, and can |
| be used directly to populate the (now verified) <code>AuthenticationInfo</code>. |
| <p/> |
| Subclasses however are free to override this method for more advanced construction logic.</div> |
| <dl> |
| <dt><span class="paramLabel">Parameters:</span></dt> |
| <dd><code>token</code> - the submitted <code>AuthenticationToken</code> that resulted in a successful authentication</dd> |
| <dd><code>ldapPrincipal</code> - the LDAP principal used when creating the LDAP connection. Unlike the token's |
| <a href="../../../../../org/apache/shiro/authc/AuthenticationToken.html#getPrincipal--"><code>principal</code></a>, this value is usually a constructed |
| User DN and not a simple username or uid. The exact value is depending on the |
| configured |
| <a href="http://download-llnw.oracle.com/javase/tutorial/jndi/ldap/auth_mechs.html"> |
| LDAP authentication mechanism</a> in use.</dd> |
| <dd><code>ldapCredentials</code> - the LDAP credentials used when creating the LDAP connection.</dd> |
| <dd><code>ldapContext</code> - the LdapContext created that resulted in a successful authentication. It can be used |
| further by subclasses for more complex operations. It does not need to be closed - |
| it will be closed automatically after this method returns.</dd> |
| <dt><span class="returnLabel">Returns:</span></dt> |
| <dd>the <a href="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc"><code>AuthenticationInfo</code></a> resulting from a Subject's successful LDAP authentication attempt.</dd> |
| <dt><span class="throwsLabel">Throws:</span></dt> |
| <dd><code><a href="http://java.sun.com/javase/6/docs/api/javax/naming/NamingException.html?is-external=true" title="class or interface in javax.naming">NamingException</a></code> - if there was any problem using the <code>LdapContext</code></dd> |
| </dl> |
| </li> |
| </ul> |
| <a name="queryForAuthorizationInfo-org.apache.shiro.subject.PrincipalCollection-org.apache.shiro.realm.ldap.LdapContextFactory-"> |
| <!-- --> |
| </a> |
| <ul class="blockListLast"> |
| <li class="blockList"> |
| <h4>queryForAuthorizationInfo</h4> |
| <pre>protected <a href="../../../../../org/apache/shiro/authz/AuthorizationInfo.html" title="interface in org.apache.shiro.authz">AuthorizationInfo</a> <a href="../../../../../src-html/org/apache/shiro/realm/ldap/DefaultLdapRealm.html#line.426">queryForAuthorizationInfo</a>(<a href="../../../../../org/apache/shiro/subject/PrincipalCollection.html" title="interface in org.apache.shiro.subject">PrincipalCollection</a> principals, |
| <a href="../../../../../org/apache/shiro/realm/ldap/LdapContextFactory.html" title="interface in org.apache.shiro.realm.ldap">LdapContextFactory</a> ldapContextFactory) |
| throws <a href="http://java.sun.com/javase/6/docs/api/javax/naming/NamingException.html?is-external=true" title="class or interface in javax.naming">NamingException</a></pre> |
| <div class="block">Method that should be implemented by subclasses to build an |
| <a href="../../../../../org/apache/shiro/authz/AuthorizationInfo.html" title="interface in org.apache.shiro.authz"><code>AuthorizationInfo</code></a> object by querying the LDAP context for the |
| specified principal.</p></div> |
| <dl> |
| <dt><span class="paramLabel">Parameters:</span></dt> |
| <dd><code>principals</code> - the principals of the Subject whose AuthenticationInfo should be queried from the LDAP server.</dd> |
| <dd><code>ldapContextFactory</code> - factory used to retrieve LDAP connections.</dd> |
| <dt><span class="returnLabel">Returns:</span></dt> |
| <dd>an <a href="../../../../../org/apache/shiro/authz/AuthorizationInfo.html" title="interface in org.apache.shiro.authz"><code>AuthorizationInfo</code></a> instance containing information retrieved from the LDAP server.</dd> |
| <dt><span class="throwsLabel">Throws:</span></dt> |
| <dd><code><a href="http://java.sun.com/javase/6/docs/api/javax/naming/NamingException.html?is-external=true" title="class or interface in javax.naming">NamingException</a></code> - if any LDAP errors occur during the search.</dd> |
| </dl> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| </div> |
| </div> |
| <!-- ========= END OF CLASS DATA ========= --> |
| <!-- ======= START OF BOTTOM NAVBAR ====== --> |
| <div class="bottomNav"><a name="navbar.bottom"> |
| <!-- --> |
| </a> |
| <div class="skipNav"><a href="#skip.navbar.bottom" title="Skip navigation links">Skip navigation links</a></div> |
| <a name="navbar.bottom.firstrow"> |
| <!-- --> |
| </a> |
| <ul class="navList" title="Navigation"> |
| <li><a href="../../../../../overview-summary.html">Overview</a></li> |
| <li><a href="package-summary.html">Package</a></li> |
| <li class="navBarCell1Rev">Class</li> |
| <li><a href="class-use/DefaultLdapRealm.html">Use</a></li> |
| <li><a href="package-tree.html">Tree</a></li> |
| <li><a href="../../../../../deprecated-list.html">Deprecated</a></li> |
| <li><a href="../../../../../index-all.html">Index</a></li> |
| <li><a href="../../../../../help-doc.html">Help</a></li> |
| </ul> |
| </div> |
| <div class="subNav"> |
| <ul class="navList"> |
| <li><a href="../../../../../org/apache/shiro/realm/ldap/DefaultLdapContextFactory.html" title="class in org.apache.shiro.realm.ldap"><span class="typeNameLink">Prev Class</span></a></li> |
| <li><a href="../../../../../org/apache/shiro/realm/ldap/JndiLdapContextFactory.html" title="class in org.apache.shiro.realm.ldap"><span class="typeNameLink">Next Class</span></a></li> |
| </ul> |
| <ul class="navList"> |
| <li><a href="../../../../../index.html?org/apache/shiro/realm/ldap/DefaultLdapRealm.html" target="_top">Frames</a></li> |
| <li><a href="DefaultLdapRealm.html" target="_top">No Frames</a></li> |
| </ul> |
| <ul class="navList" id="allclasses_navbar_bottom"> |
| <li><a href="../../../../../allclasses-noframe.html">All Classes</a></li> |
| </ul> |
| <div> |
| <script type="text/javascript"><!-- |
| allClassesLink = document.getElementById("allclasses_navbar_bottom"); |
| if(window==top) { |
| allClassesLink.style.display = "block"; |
| } |
| else { |
| allClassesLink.style.display = "none"; |
| } |
| //--> |
| </script> |
| </div> |
| <div> |
| <ul class="subNavList"> |
| <li>Summary: </li> |
| <li>Nested | </li> |
| <li>Field | </li> |
| <li><a href="#constructor.summary">Constr</a> | </li> |
| <li><a href="#method.summary">Method</a></li> |
| </ul> |
| <ul class="subNavList"> |
| <li>Detail: </li> |
| <li>Field | </li> |
| <li><a href="#constructor.detail">Constr</a> | </li> |
| <li><a href="#method.detail">Method</a></li> |
| </ul> |
| </div> |
| <a name="skip.navbar.bottom"> |
| <!-- --> |
| </a></div> |
| <!-- ======== END OF BOTTOM NAVBAR ======= --> |
| <p class="legalCopy"><small>Copyright © 2004–2017 <a href="https://www.apache.org/">The Apache Software Foundation</a>. All rights reserved.</small></p> |
| </body> |
| </html> |