org.jboss.seam.security.management

Class LdapIdentityStore

java.lang.Object

org.jboss.seam.security.management.LdapIdentityStore

All Implemented Interfaces:

Serializable, IdentityStore

@Name(value="org.jboss.seam.security.identityStore")
@Install(precedence=0,
         value=false)
@Scope(value=APPLICATION)
@BypassInterceptors
public class LdapIdentityStore
extends Object
implements IdentityStore, Serializable

An IdentityStore implementation that integrates with a directory service.

Author:

Shane Bryzak

See Also:

Serialized Form

Nested Class Summary

Nested classes/interfaces inherited from interface org.jboss.seam.security.management.IdentityStore

IdentityStore.Feature, IdentityStore.FeatureSet

Field Summary

Fields

Modifier and Type	Field and Description
protected IdentityStore.FeatureSet	featureSet

Constructor Summary

Constructors

Constructor and Description
LdapIdentityStore()

Method Summary

Methods

Modifier and Type	Method and Description
boolean	addRoleToGroup(String role, String group) Adds the specified role as a member of the specified group.
boolean	authenticate(String username, String password) Authenticates the specified user, using the specified password.
boolean	changePassword(String name, String password) Changes the password of the specified user to the specified password.
boolean	createRole(String role) Creates a new role with the specified role name.
boolean	createUser(String username, String password) Creates a new user with the specified username and password.
boolean	createUser(String username, String password, String firstname, String lastname) Creates a new user with the specified username, password, first name and last name.
boolean	deleteRole(String role) Deletes the specified role.
boolean	deleteUser(String name) Deletes the user with the specified username.
boolean	disableUser(String name) Disables the user with the specified username.
boolean	enableUser(String name) Enables the user with the specified username.
String	getBindCredentials()
String	getBindDN()
String	getEnabledAttribute()
Set<IdentityStore.Feature>	getFeatures()
String	getFirstNameAttribute()
String	getFullNameAttribute()
List<String>	getGrantedRoles(String name) Returns a list of all the roles explicitly granted to the specified user.
List<String>	getImpliedRoles(String name) Returns a list of all roles that the specified user is a member of.
String	getLastNameAttribute()
String	getObjectClassAttribute()
boolean	getRoleAttributeIsDN()
String	getRoleContextDN()
protected String	getRoleDN(String role)
String	getRoleDNPrefix()
String	getRoleDNSuffix()
List<String>	getRoleGroups(String name) Returns a list of all the groups that the specified role is a member of.
String	getRoleNameAttribute()
String[]	getRoleObjectClasses()
String	getSearchScope()
int	getSearchTimeLimit()
String	getSecurityAuthenticationType()
String	getServerAddress()
int	getServerPort()
String	getUserContextDN()
protected String	getUserDN(String username)
String	getUserDNPrefix()
String	getUserDNSuffix()
String	getUserNameAttribute()
String[]	getUserObjectClasses()
String	getUserPasswordAttribute()
String	getUserRoleAttribute()
boolean	grantRole(String name, String role) Grants the specified role to the specified user.
protected InitialLdapContext	initialiseContext()
protected InitialLdapContext	initialiseContext(String principal, String credentials)
boolean	isUserEnabled(String name) Returns true if the specified user is enabled.
List<String>	listGrantableRoles() Returns a list of roles that can be granted (i.e, excluding conditional roles)
List<Principal>	listMembers(String role) Lists the members of the specified role.
List<String>	listRoles() Returns a list of all the roles.
List<String>	listUsers() Returns a list of all users.
List<String>	listUsers(String filter) Returns a list of all users containing the specified filter text within their username.
boolean	removeRoleFromGroup(String role, String group) Removes the specified role from the specified group.
boolean	revokeRole(String name, String role) Revokes the specified role from the specified user.
boolean	roleExists(String role) Returns true if the specified role exists.
void	setBindCredentials(String bindCredentials)
void	setBindDN(String bindDN)
void	setEnabledAttribute(String enabledAttribute)
void	setFeatures(Set<IdentityStore.Feature> features)
void	setFirstNameAttribute(String firstNameAttribute)
void	setFullNameAttribute(String fullNameAttribute)
void	setLastNameAttribute(String lastNameAttribute)
void	setObjectClassAttribute(String objectClassAttribute)
void	setRoleAttributeIsDN(boolean value)
void	setRoleContextDN(String roleContextDN)
void	setRoleDNPrefix(String value)
void	setRoleDNSuffix(String value)
void	setRoleNameAttribute(String roleNameAttribute)
void	setRoleObjectClass(String[] roleObjectClasses)
void	setSearchScope(String value)
void	setSearchTimeLimit(int searchTimeLimit)
void	setSecurityAuthenticationType(String value)
void	setServerAddress(String serverAddress)
void	setServerPort(int serverPort)
void	setUserContextDN(String userContextDN)
void	setUserDNPrefix(String value)
void	setUserDNSuffix(String value)
void	setUserNameAttribute(String userNameAttribute)
void	setUserObjectClasses(String[] userObjectClasses)
void	setUserPasswordAttribute(String userPasswordAttribute)
void	setUserRoleAttribute(String userRoleAttribute)
boolean	supportsFeature(IdentityStore.Feature feature) Returns true if the IdentityStore implementation supports the specified feature.
boolean	userExists(String name) Returns true if the specified user exists.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

featureSet

protected IdentityStore.FeatureSet featureSet

Constructor Detail

LdapIdentityStore

public LdapIdentityStore()

Method Detail

getServerAddress

public String getServerAddress()

setServerAddress

public void setServerAddress(String serverAddress)

getServerPort

public int getServerPort()

setServerPort

public void setServerPort(int serverPort)

getUserContextDN

public String getUserContextDN()

setUserContextDN

public void setUserContextDN(String userContextDN)

getRoleContextDN

public String getRoleContextDN()

setRoleContextDN

public void setRoleContextDN(String roleContextDN)

getUserDNPrefix

public String getUserDNPrefix()

setUserDNPrefix

public void setUserDNPrefix(String value)

getUserDNSuffix

public String getUserDNSuffix()

setUserDNSuffix

public void setUserDNSuffix(String value)

getRoleDNPrefix

public String getRoleDNPrefix()

setRoleDNPrefix

public void setRoleDNPrefix(String value)

getRoleDNSuffix

public String getRoleDNSuffix()

setRoleDNSuffix

public void setRoleDNSuffix(String value)

getBindDN

public String getBindDN()

setBindDN

public void setBindDN(String bindDN)

getBindCredentials

public String getBindCredentials()

setBindCredentials

public void setBindCredentials(String bindCredentials)

getUserRoleAttribute

public String getUserRoleAttribute()

setUserRoleAttribute

public void setUserRoleAttribute(String userRoleAttribute)

getRoleAttributeIsDN

public boolean getRoleAttributeIsDN()

setRoleAttributeIsDN

public void setRoleAttributeIsDN(boolean value)

getRoleNameAttribute

public String getRoleNameAttribute()

setRoleNameAttribute

public void setRoleNameAttribute(String roleNameAttribute)

getUserNameAttribute

public String getUserNameAttribute()

setUserNameAttribute

public void setUserNameAttribute(String userNameAttribute)

getUserPasswordAttribute

public String getUserPasswordAttribute()

setUserPasswordAttribute

public void setUserPasswordAttribute(String userPasswordAttribute)

getFirstNameAttribute

public String getFirstNameAttribute()

setFirstNameAttribute

public void setFirstNameAttribute(String firstNameAttribute)

getLastNameAttribute

public String getLastNameAttribute()

setLastNameAttribute

public void setLastNameAttribute(String lastNameAttribute)

getFullNameAttribute

public String getFullNameAttribute()

setFullNameAttribute

public void setFullNameAttribute(String fullNameAttribute)

getEnabledAttribute

public String getEnabledAttribute()

setEnabledAttribute

public void setEnabledAttribute(String enabledAttribute)

getObjectClassAttribute

public String getObjectClassAttribute()

setObjectClassAttribute

public void setObjectClassAttribute(String objectClassAttribute)

getRoleObjectClasses

public String[] getRoleObjectClasses()

setRoleObjectClass

public void setRoleObjectClass(String[] roleObjectClasses)

getUserObjectClasses

public String[] getUserObjectClasses()

setUserObjectClasses

public void setUserObjectClasses(String[] userObjectClasses)

getSearchTimeLimit

public int getSearchTimeLimit()

setSearchTimeLimit

public void setSearchTimeLimit(int searchTimeLimit)

getSecurityAuthenticationType

public String getSecurityAuthenticationType()

setSecurityAuthenticationType

public void setSecurityAuthenticationType(String value)

getSearchScope

public String getSearchScope()

setSearchScope

public void setSearchScope(String value)

getFeatures

public Set<IdentityStore.Feature> getFeatures()

setFeatures

public void setFeatures(Set<IdentityStore.Feature> features)

supportsFeature

public boolean supportsFeature(IdentityStore.Feature feature)

Description copied from interface: IdentityStore

Returns true if the IdentityStore implementation supports the specified feature.

Specified by:

supportsFeature in interface IdentityStore

initialiseContext

protected final InitialLdapContext initialiseContext()
                                              throws NamingException

Throws:

NamingException

initialiseContext

protected final InitialLdapContext initialiseContext(String principal,
                                   String credentials)
                                              throws NamingException

Throws:

NamingException

getUserDN

protected String getUserDN(String username)

getRoleDN

protected String getRoleDN(String role)

authenticate

public boolean authenticate(String username,
                   String password)

Description copied from interface: IdentityStore

Authenticates the specified user, using the specified password.

Specified by:

authenticate in interface IdentityStore

Returns:

true if authentication is successful.

changePassword

public boolean changePassword(String name,
                     String password)

Description copied from interface: IdentityStore

Changes the password of the specified user to the specified password.

Specified by:

changePassword in interface IdentityStore

Returns:

true if the user's password was successfully changed.

createRole

public boolean createRole(String role)

Description copied from interface: IdentityStore

Creates a new role with the specified role name.

Specified by:

createRole in interface IdentityStore

Returns:

true if the role was created successfully.

createUser

public boolean createUser(String username,
                 String password,
                 String firstname,
                 String lastname)

Description copied from interface: IdentityStore

Creates a new user with the specified username, password, first name and last name.

Specified by:

createUser in interface IdentityStore

Returns:

true if the user was successfully created.

createUser

public boolean createUser(String username,
                 String password)

Description copied from interface: IdentityStore

Creates a new user with the specified username and password.

Specified by:

createUser in interface IdentityStore

Returns:

true if the user was successfully created.

deleteRole

public boolean deleteRole(String role)

Description copied from interface: IdentityStore

Deletes the specified role.

Specified by:

deleteRole in interface IdentityStore

Returns:

true if the role was successfully deleted.

roleExists

public boolean roleExists(String role)

Description copied from interface: IdentityStore

Returns true if the specified role exists.

Specified by:

roleExists in interface IdentityStore

deleteUser

public boolean deleteUser(String name)

Description copied from interface: IdentityStore

Deletes the user with the specified username.

Specified by:

deleteUser in interface IdentityStore

Returns:

true if the user was successfully deleted.

isUserEnabled

public boolean isUserEnabled(String name)

Description copied from interface: IdentityStore

Returns true if the specified user is enabled.

Specified by:

isUserEnabled in interface IdentityStore

disableUser

public boolean disableUser(String name)

Description copied from interface: IdentityStore

Disables the user with the specified username. Disabled users are unable to authenticate.

Specified by:

disableUser in interface IdentityStore

Returns:

true if the specified user was successfully disabled.

enableUser

public boolean enableUser(String name)

Description copied from interface: IdentityStore

Enables the user with the specified username. Enabled users are able to authenticate.

Specified by:

enableUser in interface IdentityStore

Returns:

true if the specified user was successfully enabled.

getGrantedRoles

public List<String> getGrantedRoles(String name)

Description copied from interface: IdentityStore

Returns a list of all the roles explicitly granted to the specified user.

Specified by:

getGrantedRoles in interface IdentityStore

getImpliedRoles

public List<String> getImpliedRoles(String name)

Description copied from interface: IdentityStore

Returns a list of all roles that the specified user is a member of. This list may contain roles that may not have been explicitly granted to the user, which are indirectly implied due to group memberships.

Specified by:

getImpliedRoles in interface IdentityStore

grantRole

public boolean grantRole(String name,
                String role)

Description copied from interface: IdentityStore

Grants the specified role to the specified user.

Specified by:

grantRole in interface IdentityStore

Parameters:

name - The name of the user

role - The name of the role to grant to the user.

Returns:

true if the role was successfully granted.

revokeRole

public boolean revokeRole(String name,
                 String role)

Description copied from interface: IdentityStore

Revokes the specified role from the specified user.

Specified by:

revokeRole in interface IdentityStore

Parameters:

name - The name of the user

role - The name of the role to grant to the user.

Returns:

true if the role was successfully revoked.

listRoles

public List<String> listRoles()

Description copied from interface: IdentityStore

Returns a list of all the roles.

Specified by:

listRoles in interface IdentityStore

listGrantableRoles

public List<String> listGrantableRoles()

Description copied from interface: IdentityStore

Returns a list of roles that can be granted (i.e, excluding conditional roles)

Specified by:

listGrantableRoles in interface IdentityStore

listUsers

public List<String> listUsers()

Description copied from interface: IdentityStore

Returns a list of all users.

Specified by:

listUsers in interface IdentityStore

listUsers

public List<String> listUsers(String filter)

Description copied from interface: IdentityStore

Returns a list of all users containing the specified filter text within their username.

Specified by:

listUsers in interface IdentityStore

userExists

public boolean userExists(String name)

Description copied from interface: IdentityStore

Returns true if the specified user exists.

Specified by:

userExists in interface IdentityStore

getRoleGroups

public List<String> getRoleGroups(String name)

Description copied from interface: IdentityStore

Returns a list of all the groups that the specified role is a member of.

Specified by:

getRoleGroups in interface IdentityStore

listMembers

public List<Principal> listMembers(String role)

Description copied from interface: IdentityStore

Lists the members of the specified role.

Specified by:

listMembers in interface IdentityStore

addRoleToGroup

public boolean addRoleToGroup(String role,
                     String group)

Description copied from interface: IdentityStore

Adds the specified role as a member of the specified group.

Specified by:

addRoleToGroup in interface IdentityStore

Parameters:

role - The name of the role to add as a member

group - The name of the group that the specified role will be added to.

Returns:

true if the role was successfully added to the group.

removeRoleFromGroup

public boolean removeRoleFromGroup(String role,
                          String group)

Description copied from interface: IdentityStore

Removes the specified role from the specified group.

Specified by:

removeRoleFromGroup in interface IdentityStore

Parameters:

role - The name of the role to remove from the group.

group - The group from which to remove the role.

Returns:

true if the role was successfully removed from the group.