Interface LdapUserDirectoryHandler

All Known Implementing Classes:
LdapUserDirectoryHandlerWrapper

public interface LdapUserDirectoryHandler
  • Method Details

    • authenticate

      UserInfo authenticate(String loginName, String password, String runAsName) throws byps.RemoteException
      Authenticate a user and optionally return information about a second user.
      Parameters:
      loginName - User to authenticate. If runAsName is null or empty, the implementation can decide to create this user in ELO if it does not exist. If a runAsName is supplied, this user must exist in ELO. This parameter can be empty if the implementation provides a default login account.
      password - Password for loginName. Ignored if loginName is empty.
      runAsName - Return information of this user. The implementation can decide to create this user in ELO if it does not exist. If this parameter is null, the returned object refers to loginName.
      Returns:
      UserInfo object or null. UserInfo.getName() has to return the unique ELO user name. UserInfo.getId() must return the unique ELO user ID. Return UserDirectory.NOT_RESPONSIBLE_FOR_AUTHENTICATION if authentication should be processed against the ELO user database (and not against LDAP). Return null if this handler does not process authentication (default behavior).
      Throws:
      byps.RemoteException
    • tryReadEloUser

      UserInfo tryReadEloUser(String userName, boolean mustExist) throws byps.RemoteException
      Read user from ELO. If user is not found and mustExist=false, return a new UserInfo object with UserInfo.id=-1 and UserInfo.name=userName.
      Parameters:
      userName -
      mustExist - if true, an exception is thrown if the user does not exist.
      Returns:
      UserInfo object.
      Throws:
      byps.RemoteException
    • getInitialContextEnvironment

      void getInitialContextEnvironment(Domain domain, String ldapUrl, String userName, String password, Map<String,String> environment)
      Get environment properties to create a javax.naming.directory.InitialDirContext.
      Parameters:
      domain - Domain
      ldapUrl - Server URL
      userName - User name to authenticate
      password - User password
      environment - The properties built by the other parameters have to be added to this map.
    • createInitialDirContext

      InitialDirContext createInitialDirContext(Domain domain, Map<String,String> environment) throws Exception
      Create a javax.naming.directory.InitialDirContext.
      Parameters:
      domain - Domain
      environment - Environment properties, created by getInitialContextEnvironment(Domain, String, String, String, Map).
      Returns:
      InitialDirContext object.
      Throws:
      Exception
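
      The following sketch shows the kind of JNDI properties getInitialContextEnvironment could place in the map for a simple bind. It is an added example, not ELO's implementation: the class name, the ldaps-only and non-empty-password policies, the timeout values, and the sample URL and DN are all assumptions, and the ELO Domain parameter is left out.

```java
import java.util.HashMap;
import java.util.Hashtable;
import java.util.Map;
import javax.naming.Context;

public class LdapEnvironmentExample {

    /** Adds simple-bind properties for an InitialDirContext to the given map. */
    static void fillEnvironment(String ldapUrl, String userName, String password,
                                Map<String, String> environment) {
        // Policy assumed for this example: a simple bind sends the password in
        // clear text, so only accept a TLS-protected URL.
        if (ldapUrl == null || !ldapUrl.toLowerCase().startsWith("ldaps://")) {
            throw new IllegalArgumentException("simple bind requires an ldaps:// URL");
        }
        // A bind with a name but an empty password is an "unauthenticated bind"
        // (RFC 4513, section 5.1.2). Some servers report it as success, so it
        // must never be treated as proof that the password was correct.
        if (password == null || password.isEmpty()) {
            throw new IllegalArgumentException("empty password rejected before bind");
        }
        environment.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        environment.put(Context.PROVIDER_URL, ldapUrl);
        environment.put(Context.SECURITY_AUTHENTICATION, "simple");
        environment.put(Context.SECURITY_PRINCIPAL, userName);
        environment.put(Context.SECURITY_CREDENTIALS, password);
        // Do not follow referrals to servers named by the directory itself.
        environment.put(Context.REFERRAL, "ignore");
        // Bound connect and read time (milliseconds) so a stalled server
        // cannot hang the login thread.
        environment.put("com.sun.jndi.ldap.connect.timeout", "5000");
        environment.put("com.sun.jndi.ldap.read.timeout", "10000");
    }

    public static void main(String[] args) {
        // Constructed sample values; nothing is sent over the network here.
        Map<String, String> env = new HashMap<>();
        fillEnvironment("ldaps://ldap.example.test:636",
                "uid=jdoe,ou=people,dc=example,dc=test", "constructed-secret", env);
        // InitialDirContext takes a Hashtable, so the map is copied before use.
        Hashtable<String, String> forContext = new Hashtable<>(env);
        System.out.println(forContext.keySet());
        try {
            fillEnvironment("ldaps://ldap.example.test:636", "uid=jdoe", "", env);
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```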
    • closeContext

      void closeContext(Context ctxt)
      Close Context object.
      Parameters:
      ctxt - Context object.
    • searchPerson

      NamingEnumeration<SearchResult> searchPerson(DirContext ctx, Domain domain, String personSearchDN, String filterPerson, String userName, int timeoutSeconds, Set<String> attributeNames) throws Exception
      Search person by name or mail.
      Parameters:
      ctx - DirContext
      domain - Domain
      personSearchDN - Sub-trees to be searched (Distinguished Name).
      filterPerson - Filter expression.
      userName - User name.
      timeoutSeconds - Timeout value.
      attributeNames - Attributes to return.
      Returns:
      Attributes.
      Throws:
      Exception
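
      The next sketch shows how the searchPerson parameters map onto a JNDI search when the user name is untrusted input. It is an added example, not ELO's implementation: the class name, the "{0}" placeholder in the filter template, and the sample filter and names are assumptions, and the ELO Domain parameter is left out.

```java
import java.util.Set;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;

public class PersonSearchExample {

    /** Escapes a value for use inside an LDAP filter assertion (RFC 4515). */
    static String escapeFilterValue(String value) {
        StringBuilder sb = new StringBuilder(value.length() + 8);
        for (char c : value.toCharArray()) {
            switch (c) {
                case '\\': sb.append("\\5c"); break;
                case '*':  sb.append("\\2a"); break;
                case '(':  sb.append("\\28"); break;
                case ')':  sb.append("\\29"); break;
                case '\0': sb.append("\\00"); break;
                default:   sb.append(c);
            }
        }
        return sb.toString();
    }

    static NamingEnumeration<SearchResult> searchPerson(DirContext ctx, String personSearchDN,
            String filterPerson, String userName, int timeoutSeconds,
            Set<String> attributeNames) throws NamingException {
        SearchControls sc = new SearchControls();
        sc.setSearchScope(SearchControls.SUBTREE_SCOPE);
        sc.setTimeLimit(timeoutSeconds * 1000);   // JNDI expects milliseconds
        // Ask only for the attributes that will be read, not the whole entry.
        sc.setReturningAttributes(attributeNames.toArray(new String[0]));
        // Assumption: "{0}" marks where the user name goes in the filter template.
        String filter = filterPerson.replace("{0}", escapeFilterValue(userName));
        return ctx.search(personSearchDN, filter, sc);
    }

    public static void main(String[] args) {
        // Constructed inputs: a plain name and one containing filter metacharacters.
        String template = "(&(objectClass=person)(|(uid={0})(mail={0})))";
        for (String name : new String[] { "jdoe", "O'Brien (Sales)*" }) {
            System.out.println(template.replace("{0}", escapeFilterValue(name)));
        }
    }
}
```

      Without the escaping step, parentheses or an asterisk in the user name would change the structure of the filter instead of being matched literally.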
    • getUserAttributeNames

      void getUserAttributeNames(Domain domain, String userDN, Set<String> attributeNames)
      Get user attributes to be read.
      Parameters:
      domain - Domain
      userDN - Distinguished name of user.
      attributeNames - Attribute names.
    • getUserAttributes

      Attributes getUserAttributes(DirContext ctxt, Domain domain, String userDN, Set<String> attributeNames) throws Exception
      Get attributes from DirContext.
      Parameters:
      ctxt - DirContext
      domain - Domain
      userDN - Distinguished name of user.
      attributeNames - Attribute names.
      Returns:
      Attributes
      Throws:
      Exception
    • getGroupDNsFromAttributes

      void getGroupDNsFromAttributes(Domain domain, String userDN, Attributes attributes, String attributeName, Set<String> groupNames) throws Exception
      Extract the Distinguished Names of groups found in the given attributes.
      Parameters:
      domain - Domain
      userDN - Distinguished name of user.
      attributes - Attributes
      attributeName - Attribute name of group membership
      groupNames - Distinguished Names of groups.
      Throws:
      Exception
    • extractGroupNameFromDN

      String extractGroupNameFromDN(Domain domain, String groupDN)
      Extract group name from Distinguished Name.
      Parameters:
      domain - Domain
      groupDN - Group Distinguished Name
      Returns:
      Simple group name.
    • searchGroupsOfMember

      NamingEnumeration<SearchResult> searchGroupsOfMember(DirContext ctxt, Domain domain, String groupSearchDN, String filterGroups, String memberDN, int timeoutSeconds) throws Exception
      Search groups in sub-tree of groupSearchDN that include memberDN as member.
      Parameters:
      ctxt - DirContext
      domain - Domain
      groupSearchDN - Distinguished Name of sub-tree
      filterGroups - Filter expression
      memberDN - Distinguished Name of group member.
      timeoutSeconds - Search timeout in seconds
      Returns:
      Enumeration
      Throws:
      Exception
    • assignGroups

      void assignGroups(UserInfo ui, Domain domain, String userName, Set<String> groupNamesOS) throws Exception
      Assign the given groups to UserInfo.groupList. The default implementation calls checkoutUsers to read the ELO groups and maps the group names to their IDs. Group UserInfo.ID_EVERYONE should always be assigned.
      Parameters:
      ui - UserInfo.groupList is set by this function.
      domain - Domain
      userName - User name.
      groupNamesOS - Set of group names.
      Throws:
      Exception
    • assignUserName

      void assignUserName(UserInfo ui, Domain domain, String userName, Attributes attributes) throws Exception
      Assign user name, OS name and mail address.
      Parameters:
      ui - UserInfo.name, UserInfo.userProps[UserInfoC.PROP_NAME_OS], and UserInfo.userProps[UserInfoC.PROP_NAME_EMAIL] are set.
      domain - Domain
      userName - User name.
      attributes - Attributes from LDAP server
      Throws:
      Exception
    • assignSuperior

      void assignSuperior(UserInfo ui, Domain domain, String userName, Attributes attributes) throws Exception
      Assign superior.
      Parameters:
      ui - UserInfo.name, UserInfo.userProps[UserInfoC.PROP_NAME_OS], and UserInfo.userProps[UserInfoC.PROP_NAME_EMAIL] are set.
      domain - Domain
      userName - User name.
      attributes - Attributes from LDAP server
      Throws:
      Exception
    • assignProperties

      void assignProperties(UserInfo ui, Domain domain, String userName, Attributes attributes) throws Exception
      Assign LDAP attributes.
      Parameters:
      ui - UserInfo.ldapProperties are set
      domain - Domain
      userName - User name.
      attributes - Attributes from LDAP server
      Throws:
      Exception