Google Git
Sign in
apache / tomee-site-pub / 294f8729efbe13f29a64f7a60a72b67641434a45 / . / tomee-8.0 / javadoc / javax / security / enterprise / identitystore / LdapIdentityStoreDefinition.html
blob: bb2da1ddee356b2a4862433a18f4a3c6f739928c [file] [log] [blame]
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!-- NewPage -->
<html lang="en">
<head>
<title>LdapIdentityStoreDefinition</title>
<link rel="stylesheet" type="text/css" href="../../../../stylesheet.css" title="Style">
<script type="text/javascript" src="../../../../script.js"></script>
</head>
<body>
<script type="text/javascript"><!--
try {
if (location.href.indexOf('is-external=true') == -1) {
parent.document.title="LdapIdentityStoreDefinition";
}
}
catch(err) {
}
//-->
</script>
<noscript>
<div>JavaScript is disabled on your browser.</div>
</noscript>
<!-- ========= START OF TOP NAVBAR ======= -->
<div class="topNav"><a name="navbar.top">
<!-- -->
</a>
<div class="skipNav"><a href="#skip.navbar.top" title="Skip navigation links">Skip navigation links</a></div>
<a name="navbar.top.firstrow">
<!-- -->
</a>
<ul class="navList" title="Navigation">
<li><a href="../../../../overview-summary.html">Overview</a></li>
<li><a href="package-summary.html">Package</a></li>
<li class="navBarCell1Rev">Class</li>
<li><a href="package-tree.html">Tree</a></li>
<li><a href="../../../../deprecated-list.html">Deprecated</a></li>
<li><a href="../../../../index-all.html">Index</a></li>
<li><a href="../../../../help-doc.html">Help</a></li>
</ul>
</div>
<div class="subNav">
<ul class="navList">
<li><a href="../../../../javax/security/enterprise/identitystore/IdentityStoreWrapper.html" title="class in javax.security.enterprise.identitystore"><span class="typeNameLink">Prev&nbsp;Class</span></a></li>
<li><a href="../../../../javax/security/enterprise/identitystore/LdapIdentityStoreDefinition.LdapSearchScope.html" title="enum in javax.security.enterprise.identitystore"><span class="typeNameLink">Next&nbsp;Class</span></a></li>
</ul>
<ul class="navList">
<li><a href="../../../../index.html?javax/security/enterprise/identitystore/LdapIdentityStoreDefinition.html" target="_top">Frames</a></li>
<li><a href="LdapIdentityStoreDefinition.html" target="_top">No&nbsp;Frames</a></li>
</ul>
<ul class="navList" id="allclasses_navbar_top">
<li><a href="../../../../allclasses-noframe.html">All&nbsp;Classes</a></li>
</ul>
<div>
<script type="text/javascript"><!--
allClassesLink = document.getElementById("allclasses_navbar_top");
if(window==top) {
allClassesLink.style.display = "block";
}
else {
allClassesLink.style.display = "none";
}
//-->
</script>
</div>
<div>
<ul class="subNavList">
<li>Summary:&nbsp;</li>
<li>Field&nbsp;|&nbsp;</li>
<li>Required&nbsp;|&nbsp;</li>
<li><a href="#annotation.type.optional.element.summary">Optional</a></li>
</ul>
<ul class="subNavList">
<li>Detail:&nbsp;</li>
<li>Field&nbsp;|&nbsp;</li>
<li><a href="#annotation.type.element.detail">Element</a></li>
</ul>
</div>
<a name="skip.navbar.top">
<!-- -->
</a></div>
<!-- ========= END OF TOP NAVBAR ========= -->
<!-- ======== START OF CLASS DATA ======== -->
<div class="header">
<div class="subTitle">javax.security.enterprise.identitystore</div>
<h2 title="Annotation Type LdapIdentityStoreDefinition" class="title">Annotation Type LdapIdentityStoreDefinition</h2>
</div>
<div class="contentContainer">
<div class="description">
<ul class="blockList">
<li class="blockList">
<hr>
<br>
<pre>@Retention(value=RUNTIME)
@Target(value=TYPE)
public @interface <span class="memberNameLabel">LdapIdentityStoreDefinition</span></pre>
<div class="block">Annotation used to define a container-provided <a href="../../../../javax/security/enterprise/identitystore/IdentityStore.html" title="interface in javax.security.enterprise.identitystore"><code>IdentityStore</code></a> that stores
caller credentials and identity attributes (together caller identities) in an
LDAP store, and make that implementation available as an enabled CDI bean.
<p>
The container-provided <code>IdentityStore</code> must support validating <a href="../../../../javax/security/enterprise/credential/UsernamePasswordCredential.html" title="class in javax.security.enterprise.credential"><code>UsernamePasswordCredential</code></a>,
and may support validating other credential types.</div>
</li>
</ul>
</div>
<div class="summary">
<ul class="blockList">
<li class="blockList">
<!-- =========== ANNOTATION TYPE OPTIONAL MEMBER SUMMARY =========== -->
<ul class="blockList">
<li class="blockList"><a name="annotation.type.optional.element.summary">
<!-- -->
</a>
<h3>Optional Element Summary</h3>
<table class="memberSummary" border="0" cellpadding="3" cellspacing="0" summary="Optional Element Summary table, listing optional elements, and an explanation">
<caption><span>Optional Elements</span><span class="tabEnd">&nbsp;</span></caption>
<tr>
<th class="colFirst" scope="col">Modifier and Type</th>
<th class="colLast" scope="col">Optional Element and Description</th>
</tr>
<tr class="altColor">
<td class="colFirst"><code>java.lang.String</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../../javax/security/enterprise/identitystore/LdapIdentityStoreDefinition.html#bindDn--">bindDn</a></span></code>
<div class="block">Distinguished name for the application or administrative user that will be used to
make the initial connection to the LDAP and to perform searches and lookups.</div>
</td>
</tr>
<tr class="rowColor">
<td class="colFirst"><code>java.lang.String</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../../javax/security/enterprise/identitystore/LdapIdentityStoreDefinition.html#bindDnPassword--">bindDnPassword</a></span></code>
<div class="block">Password for the application/admin user defined by the bindDn member.</div>
</td>
</tr>
<tr class="altColor">
<td class="colFirst"><code>java.lang.String</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../../javax/security/enterprise/identitystore/LdapIdentityStoreDefinition.html#callerBaseDn--">callerBaseDn</a></span></code>
<div class="block">Base distinguished name for callers in the LDAP store
(e.g., "<code>ou=caller,dc=jsr375,dc=net</code>").</div>
</td>
</tr>
<tr class="rowColor">
<td class="colFirst"><code>java.lang.String</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../../javax/security/enterprise/identitystore/LdapIdentityStoreDefinition.html#callerNameAttribute--">callerNameAttribute</a></span></code>
<div class="block">Name of the attribute that contains the callers name in the person object
(e.g., "<code>uid</code>").</div>
</td>
</tr>
<tr class="altColor">
<td class="colFirst"><code>java.lang.String</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../../javax/security/enterprise/identitystore/LdapIdentityStoreDefinition.html#callerSearchBase--">callerSearchBase</a></span></code>
<div class="block">Search base for looking up callers
(e.g., "<code>ou=caller,dc=jsr375,dc=net</code>").</div>
</td>
</tr>
<tr class="rowColor">
<td class="colFirst"><code>java.lang.String</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../../javax/security/enterprise/identitystore/LdapIdentityStoreDefinition.html#callerSearchFilter--">callerSearchFilter</a></span></code>
<div class="block">Search filter to find callers when callerSearchBase is set.</div>
</td>
</tr>
<tr class="altColor">
<td class="colFirst"><code><a href="../../../../javax/security/enterprise/identitystore/LdapIdentityStoreDefinition.LdapSearchScope.html" title="enum in javax.security.enterprise.identitystore">LdapIdentityStoreDefinition.LdapSearchScope</a></code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../../javax/security/enterprise/identitystore/LdapIdentityStoreDefinition.html#callerSearchScope--">callerSearchScope</a></span></code>
<div class="block">Search scope for caller searches: determines depth
of the search in the LDAP tree.</div>
</td>
</tr>
<tr class="rowColor">
<td class="colFirst"><code>java.lang.String</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../../javax/security/enterprise/identitystore/LdapIdentityStoreDefinition.html#callerSearchScopeExpression--">callerSearchScopeExpression</a></span></code>
<div class="block">Allow callerSearchScope to be specified as an EL expression.</div>
</td>
</tr>
<tr class="altColor">
<td class="colFirst"><code>java.lang.String</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../../javax/security/enterprise/identitystore/LdapIdentityStoreDefinition.html#groupMemberAttribute--">groupMemberAttribute</a></span></code>
<div class="block">Name of the attribute in a group object that identifies the
members of the group
(e.g., "<code>member</code>").</div>
</td>
</tr>
<tr class="rowColor">
<td class="colFirst"><code>java.lang.String</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../../javax/security/enterprise/identitystore/LdapIdentityStoreDefinition.html#groupMemberOfAttribute--">groupMemberOfAttribute</a></span></code>
<div class="block">Name of the attribute in a person object that identifies the groups
the caller belongs to
(e.g., "<code>memberOf</code>").</div>
</td>
</tr>
<tr class="altColor">
<td class="colFirst"><code>java.lang.String</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../../javax/security/enterprise/identitystore/LdapIdentityStoreDefinition.html#groupNameAttribute--">groupNameAttribute</a></span></code>
<div class="block">Name of the attribute of a group object that represents the group name
(e.g., "<code>cn</code>")</div>
</td>
</tr>
<tr class="rowColor">
<td class="colFirst"><code>java.lang.String</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../../javax/security/enterprise/identitystore/LdapIdentityStoreDefinition.html#groupSearchBase--">groupSearchBase</a></span></code>
<div class="block">Search base for looking up groups
(e.g., "<code>ou=group,dc=jsr375,dc=net</code>").</div>
</td>
</tr>
<tr class="altColor">
<td class="colFirst"><code>java.lang.String</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../../javax/security/enterprise/identitystore/LdapIdentityStoreDefinition.html#groupSearchFilter--">groupSearchFilter</a></span></code>
<div class="block">Search filter to find groups when groupSearchBase is set.</div>
</td>
</tr>
<tr class="rowColor">
<td class="colFirst"><code><a href="../../../../javax/security/enterprise/identitystore/LdapIdentityStoreDefinition.LdapSearchScope.html" title="enum in javax.security.enterprise.identitystore">LdapIdentityStoreDefinition.LdapSearchScope</a></code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../../javax/security/enterprise/identitystore/LdapIdentityStoreDefinition.html#groupSearchScope--">groupSearchScope</a></span></code>
<div class="block">Search scope for group searches, determines depth
of the search in the LDAP tree.</div>
</td>
</tr>
<tr class="altColor">
<td class="colFirst"><code>java.lang.String</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../../javax/security/enterprise/identitystore/LdapIdentityStoreDefinition.html#groupSearchScopeExpression--">groupSearchScopeExpression</a></span></code>
<div class="block">Allow groupSearchScope to be specified as an EL expression.</div>
</td>
</tr>
<tr class="rowColor">
<td class="colFirst"><code>int</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../../javax/security/enterprise/identitystore/LdapIdentityStoreDefinition.html#maxResults--">maxResults</a></span></code>
<div class="block">Set the maximum number of results (objects) the server should
return in response to a search.</div>
</td>
</tr>
<tr class="altColor">
<td class="colFirst"><code>java.lang.String</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../../javax/security/enterprise/identitystore/LdapIdentityStoreDefinition.html#maxResultsExpression--">maxResultsExpression</a></span></code>
<div class="block">Allow maxResults to be specified as an EL expression.</div>
</td>
</tr>
<tr class="rowColor">
<td class="colFirst"><code>int</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../../javax/security/enterprise/identitystore/LdapIdentityStoreDefinition.html#priority--">priority</a></span></code>
<div class="block">Determines the order in case multiple IdentityStores are found.</div>
</td>
</tr>
<tr class="altColor">
<td class="colFirst"><code>java.lang.String</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../../javax/security/enterprise/identitystore/LdapIdentityStoreDefinition.html#priorityExpression--">priorityExpression</a></span></code>
<div class="block">Allow priority to be specified as an EL expression.</div>
</td>
</tr>
<tr class="rowColor">
<td class="colFirst"><code>int</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../../javax/security/enterprise/identitystore/LdapIdentityStoreDefinition.html#readTimeout--">readTimeout</a></span></code>
<div class="block">Set the timeout value that should be used when waiting for
the LDAP server to return results.</div>
</td>
</tr>
<tr class="altColor">
<td class="colFirst"><code>java.lang.String</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../../javax/security/enterprise/identitystore/LdapIdentityStoreDefinition.html#readTimeoutExpression--">readTimeoutExpression</a></span></code>
<div class="block">Allow readTimeout to be specified as an EL expression.</div>
</td>
</tr>
<tr class="rowColor">
<td class="colFirst"><code>java.lang.String</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../../javax/security/enterprise/identitystore/LdapIdentityStoreDefinition.html#url--">url</a></span></code>
<div class="block">URL where the LDAP server can be reached.</div>
</td>
</tr>
<tr class="altColor">
<td class="colFirst"><code><a href="../../../../javax/security/enterprise/identitystore/IdentityStore.ValidationType.html" title="enum in javax.security.enterprise.identitystore">IdentityStore.ValidationType</a>[]</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../../javax/security/enterprise/identitystore/LdapIdentityStoreDefinition.html#useFor--">useFor</a></span></code>
<div class="block">Determines what the identity store is used for</div>
</td>
</tr>
<tr class="rowColor">
<td class="colFirst"><code>java.lang.String</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../../javax/security/enterprise/identitystore/LdapIdentityStoreDefinition.html#useForExpression--">useForExpression</a></span></code>
<div class="block">Allow useFor to be specified as an EL expression.</div>
</td>
</tr>
</table>
</li>
</ul>
</li>
</ul>
</div>
<div class="details">
<ul class="blockList">
<li class="blockList">
<!-- ============ ANNOTATION TYPE MEMBER DETAIL =========== -->
<ul class="blockList">
<li class="blockList"><a name="annotation.type.element.detail">
<!-- -->
</a>
<h3>Element Detail</h3>
<a name="url--">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>url</h4>
<pre>public abstract&nbsp;java.lang.String&nbsp;url</pre>
<div class="block">URL where the LDAP server can be reached.
<p>
E.g.: <code>ldap://localhost:33389</code></div>
<dl>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>URL where the LDAP server can be reached</dd>
</dl>
<dl>
<dt>Default:</dt>
<dd>""</dd>
</dl>
</li>
</ul>
</li>
</ul>
<ul class="blockList">
<li class="blockList"><a name="bindDn--">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>bindDn</h4>
<pre>public abstract&nbsp;java.lang.String&nbsp;bindDn</pre>
<div class="block">Distinguished name for the application or administrative user that will be used to
make the initial connection to the LDAP and to perform searches and lookups.
<p>
This value is needed if caller or group lookup will be done. It is not needed if the
store will be used only to authenticate callers using direct binding (see callerBaseDn).
<p>
This user needs search permission in the LDAP for persons and/or groups.
<p>
E.g.: <code>uid=ldap,ou=apps,dc=jsr375,dc=net</code></div>
<dl>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>The distinguished name for the application user.</dd>
</dl>
<dl>
<dt>Default:</dt>
<dd>""</dd>
</dl>
</li>
</ul>
</li>
</ul>
<ul class="blockList">
<li class="blockList"><a name="bindDnPassword--">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>bindDnPassword</h4>
<pre>public abstract&nbsp;java.lang.String&nbsp;bindDnPassword</pre>
<div class="block">Password for the application/admin user defined by the bindDn member.
Only used when the member bindDn is filled in.</div>
<dl>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>password for the application user.</dd>
</dl>
<dl>
<dt>Default:</dt>
<dd>""</dd>
</dl>
</li>
</ul>
</li>
</ul>
<ul class="blockList">
<li class="blockList"><a name="callerBaseDn--">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>callerBaseDn</h4>
<pre>public abstract&nbsp;java.lang.String&nbsp;callerBaseDn</pre>
<div class="block">Base distinguished name for callers in the LDAP store
(e.g., "<code>ou=caller,dc=jsr375,dc=net</code>").
<p>
When this member value is specified, and callerSearchBase is not, direct binding is attempted.
<p>
The callerNameAttribute must be specified along with this attribute so that the
runtime can create the "leaf" RDN needed to concatenate with the base DN to create the
full DN of the caller.</div>
<dl>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>The base distinguished name for callers.</dd>
</dl>
<dl>
<dt>Default:</dt>
<dd>""</dd>
</dl>
</li>
</ul>
</li>
</ul>
<ul class="blockList">
<li class="blockList"><a name="callerNameAttribute--">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>callerNameAttribute</h4>
<pre>public abstract&nbsp;java.lang.String&nbsp;callerNameAttribute</pre>
<div class="block">Name of the attribute that contains the callers name in the person object
(e.g., "<code>uid</code>").
<p>
This attribute will be used, with callerBaseDn, to construct caller DNs for direct binding.
It is also used to retrieve the caller's name when the caller object is instead looked up
using search.
<p>
The value of this attribute is returned as the caller principal name
for a successful credential validation.
<p>
The following gives an example in ldif format:
<pre>
<code>
dn: uid=peter,ou=caller,dc=jsr375,dc=net
objectclass: top
objectclass: uidObject
objectclass: person
uid: peter
cn: Peter Smith
sn: Peter
userPassword: secret1
</code>
</pre></div>
<dl>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>Name of the attribute that represents the caller name</dd>
</dl>
<dl>
<dt>Default:</dt>
<dd>"uid"</dd>
</dl>
</li>
</ul>
</li>
</ul>
<ul class="blockList">
<li class="blockList"><a name="callerSearchBase--">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>callerSearchBase</h4>
<pre>public abstract&nbsp;java.lang.String&nbsp;callerSearchBase</pre>
<div class="block">Search base for looking up callers
(e.g., "<code>ou=caller,dc=jsr375,dc=net</code>").
<p>
Overrides callerBaseDn, if configured, causing caller search
to be used instead of direct binding.
Requires that the bindDn member be filled in.</div>
<dl>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>Base DN for searching the LDAP tree for callers.</dd>
</dl>
<dl>
<dt>Default:</dt>
<dd>""</dd>
</dl>
</li>
</ul>
</li>
</ul>
<ul class="blockList">
<li class="blockList"><a name="callerSearchFilter--">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>callerSearchFilter</h4>
<pre>public abstract&nbsp;java.lang.String&nbsp;callerSearchFilter</pre>
<div class="block">Search filter to find callers when callerSearchBase is set.
The search is performed starting from the callerSearchBase DN
with the scope specified by callerSearchScope.</div>
<dl>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>Search expression to find callers.</dd>
</dl>
<dl>
<dt>Default:</dt>
<dd>""</dd>
</dl>
</li>
</ul>
</li>
</ul>
<ul class="blockList">
<li class="blockList"><a name="callerSearchScope--">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>callerSearchScope</h4>
<pre>public abstract&nbsp;<a href="../../../../javax/security/enterprise/identitystore/LdapIdentityStoreDefinition.LdapSearchScope.html" title="enum in javax.security.enterprise.identitystore">LdapIdentityStoreDefinition.LdapSearchScope</a>&nbsp;callerSearchScope</pre>
<div class="block">Search scope for caller searches: determines depth
of the search in the LDAP tree.</div>
<dl>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>The search scope</dd>
</dl>
<dl>
<dt>Default:</dt>
<dd>javax.security.enterprise.identitystore.LdapIdentityStoreDefinition.LdapSearchScope.SUBTREE</dd>
</dl>
</li>
</ul>
</li>
</ul>
<ul class="blockList">
<li class="blockList"><a name="callerSearchScopeExpression--">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>callerSearchScopeExpression</h4>
<pre>public abstract&nbsp;java.lang.String&nbsp;callerSearchScopeExpression</pre>
<div class="block">Allow callerSearchScope to be specified as an EL expression.
If set, overrides any value set with callerSearchScope.</div>
<dl>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>the callerSearchScope EL expression</dd>
</dl>
<dl>
<dt>Default:</dt>
<dd>""</dd>
</dl>
</li>
</ul>
</li>
</ul>
<ul class="blockList">
<li class="blockList"><a name="groupSearchBase--">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>groupSearchBase</h4>
<pre>public abstract&nbsp;java.lang.String&nbsp;groupSearchBase</pre>
<div class="block">Search base for looking up groups
(e.g., "<code>ou=group,dc=jsr375,dc=net</code>").
<p>
Needed only for a store that performs group lookup.
Requires that the bindDn member be filled in.</div>
<dl>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>Base DN for searching the LDAP tree for groups.</dd>
</dl>
<dl>
<dt>Default:</dt>
<dd>""</dd>
</dl>
</li>
</ul>
</li>
</ul>
<ul class="blockList">
<li class="blockList"><a name="groupSearchFilter--">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>groupSearchFilter</h4>
<pre>public abstract&nbsp;java.lang.String&nbsp;groupSearchFilter</pre>
<div class="block">Search filter to find groups when groupSearchBase is set.
The search is performed starting from the groupSearchBase DN
with the scope specified by groupSearchScope.</div>
<dl>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>Search expression to find groups.</dd>
</dl>
<dl>
<dt>Default:</dt>
<dd>""</dd>
</dl>
</li>
</ul>
</li>
</ul>
<ul class="blockList">
<li class="blockList"><a name="groupSearchScope--">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>groupSearchScope</h4>
<pre>public abstract&nbsp;<a href="../../../../javax/security/enterprise/identitystore/LdapIdentityStoreDefinition.LdapSearchScope.html" title="enum in javax.security.enterprise.identitystore">LdapIdentityStoreDefinition.LdapSearchScope</a>&nbsp;groupSearchScope</pre>
<div class="block">Search scope for group searches, determines depth
of the search in the LDAP tree.</div>
<dl>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>The search scope</dd>
</dl>
<dl>
<dt>Default:</dt>
<dd>javax.security.enterprise.identitystore.LdapIdentityStoreDefinition.LdapSearchScope.SUBTREE</dd>
</dl>
</li>
</ul>
</li>
</ul>
<ul class="blockList">
<li class="blockList"><a name="groupSearchScopeExpression--">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>groupSearchScopeExpression</h4>
<pre>public abstract&nbsp;java.lang.String&nbsp;groupSearchScopeExpression</pre>
<div class="block">Allow groupSearchScope to be specified as an EL expression.
If set, overrides any value set with groupSearchScope.</div>
<dl>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>the groupSearchScope EL expression</dd>
</dl>
<dl>
<dt>Default:</dt>
<dd>""</dd>
</dl>
</li>
</ul>
</li>
</ul>
<ul class="blockList">
<li class="blockList"><a name="groupNameAttribute--">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>groupNameAttribute</h4>
<pre>public abstract&nbsp;java.lang.String&nbsp;groupNameAttribute</pre>
<div class="block">Name of the attribute of a group object that represents the group name
(e.g., "<code>cn</code>")</div>
<dl>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>Name of the attribute that represents the group name</dd>
</dl>
<dl>
<dt>Default:</dt>
<dd>"cn"</dd>
</dl>
</li>
</ul>
</li>
</ul>
<ul class="blockList">
<li class="blockList"><a name="groupMemberAttribute--">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>groupMemberAttribute</h4>
<pre>public abstract&nbsp;java.lang.String&nbsp;groupMemberAttribute</pre>
<div class="block">Name of the attribute in a group object that identifies the
members of the group
(e.g., "<code>member</code>").
<p>
The value of this attribute must be the full DN of the caller. The following gives an example
entry in ldif format:
<pre>
<code>
dn: cn=foo,ou=group,dc=jsr375,dc=net
objectclass: top
objectclass: groupOfNames
cn: foo
member: uid=pete,ou=caller,dc=jsr375,dc=net
member: uid=john,ou=caller,dc=jsr375,dc=net
</code>
</pre></div>
<dl>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>Attribute for the group members</dd>
</dl>
<dl>
<dt>Default:</dt>
<dd>"member"</dd>
</dl>
</li>
</ul>
</li>
</ul>
<ul class="blockList">
<li class="blockList"><a name="groupMemberOfAttribute--">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>groupMemberOfAttribute</h4>
<pre>public abstract&nbsp;java.lang.String&nbsp;groupMemberOfAttribute</pre>
<div class="block">Name of the attribute in a person object that identifies the groups
the caller belongs to
(e.g., "<code>memberOf</code>").
<p>
This attribute is used only if: a) group search is not configured
(i.e., no groupSearchBase and groupSearchFilter configured); and,
b) the caller's DN is available, either because groups are being returned
during the credential validation phase by an identity store that performs
both validation and group lookup, or because the DN is available in the
<a href="../../../../javax/security/enterprise/identitystore/CredentialValidationResult.html" title="class in javax.security.enterprise.identitystore"><code>CredentialValidationResult</code></a> passed to the
<a href="../../../../javax/security/enterprise/identitystore/IdentityStore.html#getCallerGroups-javax.security.enterprise.identitystore.CredentialValidationResult-"><code>IdentityStore.getCallerGroups(CredentialValidationResult)</code></a> method.
<p>
The value of this attribute must be the full DN of the group. The following gives an example
entry in ldif format:
<pre>
<code>
dn: uid=peter,ou=caller,dc=jsr375,dc=net
objectclass: top
objectclass: uidObject
objectclass: person
uid: peter
cn: Peter Smith
memberOf: cn=foo,ou=group,dc=jsr375,dc=net
memberOf: cn=bar,ou=group,dc=jsr375,dc=net
</code>
</pre></div>
<dl>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>Attribute for group membership</dd>
</dl>
<dl>
<dt>Default:</dt>
<dd>"memberOf"</dd>
</dl>
</li>
</ul>
</li>
</ul>
<ul class="blockList">
<li class="blockList"><a name="readTimeout--">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>readTimeout</h4>
<pre>public abstract&nbsp;int&nbsp;readTimeout</pre>
<div class="block">Set the timeout value that should be used when waiting for
the LDAP server to return results. Note that this is different
from the connection timeout for the underlying socket connection;
<p>
The default value of 0 means wait forever (assuming the connection
itself does not time out).</div>
<dl>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>The readTimeout value.</dd>
</dl>
<dl>
<dt>Default:</dt>
<dd>0</dd>
</dl>
</li>
</ul>
</li>
</ul>
<ul class="blockList">
<li class="blockList"><a name="readTimeoutExpression--">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>readTimeoutExpression</h4>
<pre>public abstract&nbsp;java.lang.String&nbsp;readTimeoutExpression</pre>
<div class="block">Allow readTimeout to be specified as an EL expression.
If set, overrides any value set with readTimeout.</div>
<dl>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>The readTimeout EL expression</dd>
</dl>
<dl>
<dt>Default:</dt>
<dd>""</dd>
</dl>
</li>
</ul>
</li>
</ul>
<ul class="blockList">
<li class="blockList"><a name="maxResults--">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>maxResults</h4>
<pre>public abstract&nbsp;int&nbsp;maxResults</pre>
<div class="block">Set the maximum number of results (objects) the server should
return in response to a search.
<p>
The default value is set to 1000, which corresponds to the
maximum number of results most LDAP servers will return for
in a single response. Most LDAP servers support paging through
result sets larger than 1000, but doing so should rarely be
necessary for normal validation and group lookup use cases.
Implementations of the built-in LDAP IdentityStore MAY support
paging through larger result sets, but are NOT REQUIRED to.</div>
<dl>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>The maximum number of results the LDAP server should return.</dd>
</dl>
<dl>
<dt>Default:</dt>
<dd>1000</dd>
</dl>
</li>
</ul>
</li>
</ul>
<ul class="blockList">
<li class="blockList"><a name="maxResultsExpression--">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>maxResultsExpression</h4>
<pre>public abstract&nbsp;java.lang.String&nbsp;maxResultsExpression</pre>
<div class="block">Allow maxResults to be specified as an EL expression.
If set, overrides any value set with maxResults.</div>
<dl>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>The maxResults EL expression</dd>
</dl>
<dl>
<dt>Default:</dt>
<dd>""</dd>
</dl>
</li>
</ul>
</li>
</ul>
<ul class="blockList">
<li class="blockList"><a name="priority--">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>priority</h4>
<pre>public abstract&nbsp;int&nbsp;priority</pre>
<div class="block">Determines the order in case multiple IdentityStores are found.</div>
<dl>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>The priority.</dd>
</dl>
<dl>
<dt>Default:</dt>
<dd>80</dd>
</dl>
</li>
</ul>
</li>
</ul>
<ul class="blockList">
<li class="blockList"><a name="priorityExpression--">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>priorityExpression</h4>
<pre>public abstract&nbsp;java.lang.String&nbsp;priorityExpression</pre>
<div class="block">Allow priority to be specified as an EL expression.
If set, overrides any value set with priority.</div>
<dl>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>The priority EL expression</dd>
</dl>
<dl>
<dt>Default:</dt>
<dd>""</dd>
</dl>
</li>
</ul>
</li>
</ul>
<ul class="blockList">
<li class="blockList"><a name="useFor--">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>useFor</h4>
<pre>public abstract&nbsp;<a href="../../../../javax/security/enterprise/identitystore/IdentityStore.ValidationType.html" title="enum in javax.security.enterprise.identitystore">IdentityStore.ValidationType</a>[]&nbsp;useFor</pre>
<div class="block">Determines what the identity store is used for</div>
<dl>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>The type the identity store is used for</dd>
</dl>
<dl>
<dt>Default:</dt>
<dd>{javax.security.enterprise.identitystore.IdentityStore.ValidationType.VALIDATE, javax.security.enterprise.identitystore.IdentityStore.ValidationType.PROVIDE_GROUPS}</dd>
</dl>
</li>
</ul>
</li>
</ul>
<ul class="blockList">
<li class="blockList"><a name="useForExpression--">
<!-- -->
</a>
<ul class="blockListLast">
<li class="blockList">
<h4>useForExpression</h4>
<pre>public abstract&nbsp;java.lang.String&nbsp;useForExpression</pre>
<div class="block">Allow useFor to be specified as an EL expression.
If set, overrides any value set with useFor.</div>
<dl>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>The useFor EL expression</dd>
</dl>
<dl>
<dt>Default:</dt>
<dd>""</dd>
</dl>
</li>
</ul>
</li>
</ul>
</li>
</ul>
</div>
</div>
<!-- ========= END OF CLASS DATA ========= -->
<!-- ======= START OF BOTTOM NAVBAR ====== -->
<div class="bottomNav"><a name="navbar.bottom">
<!-- -->
</a>
<div class="skipNav"><a href="#skip.navbar.bottom" title="Skip navigation links">Skip navigation links</a></div>
<a name="navbar.bottom.firstrow">
<!-- -->
</a>
<ul class="navList" title="Navigation">
<li><a href="../../../../overview-summary.html">Overview</a></li>
<li><a href="package-summary.html">Package</a></li>
<li class="navBarCell1Rev">Class</li>
<li><a href="package-tree.html">Tree</a></li>
<li><a href="../../../../deprecated-list.html">Deprecated</a></li>
<li><a href="../../../../index-all.html">Index</a></li>
<li><a href="../../../../help-doc.html">Help</a></li>
</ul>
</div>
<div class="subNav">
<ul class="navList">
<li><a href="../../../../javax/security/enterprise/identitystore/IdentityStoreWrapper.html" title="class in javax.security.enterprise.identitystore"><span class="typeNameLink">Prev&nbsp;Class</span></a></li>
<li><a href="../../../../javax/security/enterprise/identitystore/LdapIdentityStoreDefinition.LdapSearchScope.html" title="enum in javax.security.enterprise.identitystore"><span class="typeNameLink">Next&nbsp;Class</span></a></li>
</ul>
<ul class="navList">
<li><a href="../../../../index.html?javax/security/enterprise/identitystore/LdapIdentityStoreDefinition.html" target="_top">Frames</a></li>
<li><a href="LdapIdentityStoreDefinition.html" target="_top">No&nbsp;Frames</a></li>
</ul>
<ul class="navList" id="allclasses_navbar_bottom">
<li><a href="../../../../allclasses-noframe.html">All&nbsp;Classes</a></li>
</ul>
<div>
<script type="text/javascript"><!--
allClassesLink = document.getElementById("allclasses_navbar_bottom");
if(window==top) {
allClassesLink.style.display = "block";
}
else {
allClassesLink.style.display = "none";
}
//-->
</script>
</div>
<div>
<ul class="subNavList">
<li>Summary:&nbsp;</li>
<li>Field&nbsp;|&nbsp;</li>
<li>Required&nbsp;|&nbsp;</li>
<li><a href="#annotation.type.optional.element.summary">Optional</a></li>
</ul>
<ul class="subNavList">
<li>Detail:&nbsp;</li>
<li>Field&nbsp;|&nbsp;</li>
<li><a href="#annotation.type.element.detail">Element</a></li>
</ul>
</div>
<a name="skip.navbar.bottom">
<!-- -->
</a></div>
<!-- ======== END OF BOTTOM NAVBAR ======= -->
</body>
</html>