JNDIBackend (Moria Directory manager 1.1 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

no.feide.moria.directory.backend
Class JNDIBackend

java.lang.Object
  no.feide.moria.directory.backend.JNDIBackend

All Implemented Interfaces:: DirectoryManagerBackend

public class JNDIBackend
extends java.lang.Object
implements DirectoryManagerBackend
extends java.lang.Object
implements DirectoryManagerBackend

Java Naming and Directory Interface (JNDI) backend. Used to authenticate users and retrieve the associated attributes.

Field Summary
`private java.util.Hashtable`	`defaultEnv` Default initial LDAP context environment.
`private java.lang.String`	`guessedAttribute` The name of the attribute used to guess a user's (R)DN.
`private no.feide.moria.log.MessageLogger`	`log` The message logger.
`private IndexedReference[]`	`myReferences` The external reference of this backend.
`private java.lang.String`	`mySessionTicket` The session ticket used when logging from this instance.
`private int`	`myTimeout` The connection timeout used.
`private java.lang.String`	`usernameAttribute` The name of the attribute holding the username.

Fields inherited from interface no.feide.moria.directory.backend.DirectoryManagerBackend
`ATTRIBUTE_VALUE_CHARSET, VIRTUAL_ATTRIBUTES`

Constructor Summary
`protected`	`JNDIBackend(java.lang.String sessionTicket, int timeout, boolean ssl, java.lang.String usernameAttributeName, java.lang.String guessedAttributeName)` Protected constructor.

Method Summary
`java.util.HashMap`	`authenticate(Credentials userCredentials, java.lang.String[] attributeRequest)` Authenticates the user using the supplied credentials and retrieves the requested attributes.
`void`	`close()` Does nothing, but needed to fulfill the `DirectoryManagerBackend` interface.
`private javax.naming.ldap.InitialLdapContext`	`connect(java.lang.String url)` Creates a new connection to a given backend provider URL.
`private java.util.HashMap`	`getAttributes(javax.naming.ldap.InitialLdapContext ldap, java.lang.String rdn, java.lang.String[] attributes)` Retrieves a list of attributes from an element.
`private java.lang.String`	`ldapSearch(javax.naming.ldap.InitialLdapContext ldap, java.lang.String pattern)` Does a subtree search for an element given a pattern.
`void`	`open(IndexedReference[] references)` Opens this backend.
`boolean`	`userExists(java.lang.String username)` Checks whether a user element exists, based on its username value.

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Field Detail

log

private final no.feide.moria.log.MessageLogger log

The message logger.

myReferences

private IndexedReference[] myReferences

The external reference of this backend.

myTimeout

private final int myTimeout

The connection timeout used.

defaultEnv

private java.util.Hashtable defaultEnv

Default initial LDAP context environment.

usernameAttribute

private java.lang.String usernameAttribute

The name of the attribute holding the username.

guessedAttribute

private java.lang.String guessedAttribute

The name of the attribute used to guess a user's (R)DN.

mySessionTicket

private java.lang.String mySessionTicket

The session ticket used when logging from this instance.

Constructor Detail

JNDIBackend

protected JNDIBackend(java.lang.String sessionTicket,
                      int timeout,
                      boolean ssl,
                      java.lang.String usernameAttributeName,
                      java.lang.String guessedAttributeName)
               throws java.lang.IllegalArgumentException,
                      java.lang.NullPointerException

Protected constructor. Creates an initial default context environment and adds support for referrals, a fix for OpenSSL aliases, and enables SSL as default.

Parameters:: sessionTicket - The session ticket for this instance, used when logging. May be null (which is treated as an empty string) or an empty string.; timeout - The number of seconds before a connection attempt through this backend times out.; ssl - true if SSL is to be used, otherwise false.; usernameAttributeName - The name of the attribute holding the username. Cannot be null.; guessedAttributeName - If we search but cannot find a user element (for example, if it is not searchable), we will guess that the (R)DN starts with the substring guessedAttributeName=usernamePrefix, where usernamePrefix is the part of the username preceding the 'at' character. Cannot be null.
Throws:: java.lang.IllegalArgumentException - If timeout is less than zero.; java.lang.NullPointerException - If guessedAttributeName or usernameAttribute is null.

Method Detail

open

public final void open(IndexedReference[] references)

Opens this backend. Does not actually initialize the network connection to the external LDAP.

Specified by:: open in interface DirectoryManagerBackend

Parameters:: references - The external reference to the LDAP server. Cannot be null, and must contain at least one reference.
Throws:: java.lang.IllegalArgumentException - If reference is null, or an empty array.

userExists

public final boolean userExists(java.lang.String username)
                         throws BackendException

Checks whether a user element exists, based on its username value.

Specified by:: userExists in interface DirectoryManagerBackend

Parameters:: username - User name.
Returns:: true if the user can be looked up through JNDI, otherwise false.
Throws:: BackendException - If there is a problem accessing the backend.

authenticate

public final java.util.HashMap authenticate(Credentials userCredentials,
                                            java.lang.String[] attributeRequest)
                                     throws AuthenticationFailedException,
                                            BackendException

Authenticates the user using the supplied credentials and retrieves the requested attributes.

Specified by:: authenticate in interface DirectoryManagerBackend

Parameters:: userCredentials - User's credentials. Cannot be null.; attributeRequest - Requested attributes.
Returns:: The requested attributes (String names and String[] values), if they did exist in the external backend. Otherwise returns those attributes that could actually be read, this may be an empty HashMap. Returns an empty HashMap if attributeRequest is null or an empty array.
Throws:: AuthenticationFailedException - If the authentication fails.; BackendException - If there is a problem accessing the backend.; java.lang.IllegalArgumentException - If userCredentials is null.

getAttributes

private java.util.HashMap getAttributes(javax.naming.ldap.InitialLdapContext ldap,
                                        java.lang.String rdn,
                                        java.lang.String[] attributes)
                                 throws BackendException

Retrieves a list of attributes from an element.

Parameters:: ldap - A prepared LDAP context. Cannot be null.; rdn - The relative DN (to the DN in the LDAP context ldap). Cannot be null.; attributes - The requested attribute's names.
Returns:: The requested attributes (String names and String[] values), if they did exist in the external backend. Otherwise returns those attributes that could actually be read, this may be an empty HashMap. Returns an empty HashMap if attributes is null or an empty array. Note that attribute values are mapped to String using ISO-8859-1.
Throws:: BackendException - If unable to read the attributes from the backend.; java.lang.NullPointerException - If ldap or rdn is null.
See Also:: InitialDirContext.getAttributes(java.lang.String, java.lang.String[])

close

public void close()

Does nothing, but needed to fulfill the DirectoryManagerBackend interface. Actual backend connections are closed after each use.

Specified by:: close in interface DirectoryManagerBackend

See Also:: DirectoryManagerBackend.close()

ldapSearch

private java.lang.String ldapSearch(javax.naming.ldap.InitialLdapContext ldap,
                                    java.lang.String pattern)
                             throws BackendException

Does a subtree search for an element given a pattern. Only the first element found is considered, and all references are searched in order until either a match is found or no more references are left to search.

Parameters:: ldap - A prepared LDAP context.; pattern - The search pattern. Must not include the character '*' or the substring '\2a' to prevent possible LDAP exploits.
Returns:: The element's relative DN, or null if none was found. null is also returned if the search pattern contains an illegal character or substring.
Throws:: BackendException - If there was a problem accessing the backend. Typical causes include timeouts.

connect

private javax.naming.ldap.InitialLdapContext connect(java.lang.String url)
                                              throws javax.naming.NamingException

Creates a new connection to a given backend provider URL.

Parameters:: url - The backend provider URL.
Returns:: The opened backend connection.
Throws:: javax.naming.NamingException - If unable to connect to the provider given by url.