org.apache.shiro.realm.ldap

Class DefaultLdapContextFactory

java.lang.Object

org.apache.shiro.realm.ldap.DefaultLdapContextFactory

All Implemented Interfaces:

LdapContextFactory

Deprecated.

replaced by the JndiLdapContextFactory implementation. This implementation will be removed prior to Shiro 2.0

@Deprecated
public class DefaultLdapContextFactory
extends Object
implements LdapContextFactory

Default implementation of LdapContextFactory that can be configured or extended to customize the way LdapContext objects are retrieved.

This implementation of LdapContextFactory is used by the AbstractLdapRealm if a factory is not explictly configured.

Connection pooling is enabled by default on this factory, but can be disabled using the usePooling property.

Since:

0.2

Field Summary

Fields

Modifier and Type	Field and Description
protected String	authentication Deprecated.
protected String	contextFactoryClassName Deprecated.
protected String	principalSuffix Deprecated.
protected String	referral Deprecated.
protected String	searchBase Deprecated.
protected static String	SUN_CONNECTION_POOLING_PROPERTY Deprecated. The Sun LDAP property used to enable connection pooling.
protected String	systemPassword Deprecated.
protected String	systemUsername Deprecated.
protected String	url Deprecated.

Constructor Summary

Constructors

Constructor and Description
DefaultLdapContextFactory() Deprecated.

Method Summary

Modifier and Type	Method and Description
protected LdapContext	createLdapContext(Hashtable env) Deprecated. Creates and returns a new InitialLdapContext instance.
LdapContext	getLdapContext(Object principal, Object credentials) Deprecated. Creates (or retrieves from a pool) an LdapContext connection bound using the specified principal and credentials.
LdapContext	getLdapContext(String username, String password) Deprecated. the getLdapContext(Object, Object) method should be used in all cases to ensure more than String principals and credentials can be used. Shiro no longer calls this method - it will be removed before the 2.0 release.
LdapContext	getSystemLdapContext() Deprecated. Creates (or retrieves from a pool) a LdapContext connection bound using the system account, or anonymously if no system account is configured.
void	setAdditionalEnvironment(Map<String,String> additionalEnvironment) Deprecated. These entries are added to the environment map before initializing the LDAP context.
void	setAuthentication(String authentication) Deprecated. Sets the type of LDAP authentication to perform when connecting to the LDAP server.
void	setContextFactoryClassName(String contextFactoryClassName) Deprecated. The context factory to use.
void	setPrincipalSuffix(String principalSuffix) Deprecated. A suffix appended to the username.
void	setReferral(String referral) Deprecated. Sets the LDAP referral property.
void	setSearchBase(String searchBase) Deprecated. this attribute existed, but was never used in Shiro 1.x. It will be removed prior to Shiro 2.0.
void	setSystemPassword(String systemPassword) Deprecated. The system password that will be used when connecting to the LDAP server to retrieve authorization information about a user.
void	setSystemUsername(String systemUsername) Deprecated. The system username that will be used when connecting to the LDAP server to retrieve authorization information about a user.
void	setUrl(String url) Deprecated. The LDAP url to connect to.
void	setUsePooling(boolean usePooling) Deprecated. Determines whether or not LdapContext pooling is enabled for connections made using the system user account.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

SUN_CONNECTION_POOLING_PROPERTY

protected static final String SUN_CONNECTION_POOLING_PROPERTY

Deprecated.

The Sun LDAP property used to enable connection pooling. This is used in the default implementation to enable LDAP connection pooling.

See Also:

Constant Field Values

authentication

protected String authentication

Deprecated.

principalSuffix

protected String principalSuffix

Deprecated.

searchBase

protected String searchBase

Deprecated.

contextFactoryClassName

protected String contextFactoryClassName

Deprecated.

url

protected String url

Deprecated.

referral

protected String referral

Deprecated.

systemUsername

protected String systemUsername

Deprecated.

systemPassword

protected String systemPassword

Deprecated.

Constructor Detail

DefaultLdapContextFactory

public DefaultLdapContextFactory()

Deprecated.

Method Detail

setAuthentication

public void setAuthentication(String authentication)

Deprecated.

Sets the type of LDAP authentication to perform when connecting to the LDAP server. Defaults to "simple"

Parameters:

authentication - the type of LDAP authentication to perform.

setPrincipalSuffix

public void setPrincipalSuffix(String principalSuffix)

Deprecated.

A suffix appended to the username. This is typically for domain names. (e.g. "@MyDomain.local")

Parameters:

principalSuffix - the suffix.

setSearchBase

@Deprecated
public void setSearchBase(String searchBase)

Deprecated. this attribute existed, but was never used in Shiro 1.x. It will be removed prior to Shiro 2.0.

The search base for the search to perform in the LDAP server. (e.g. OU=OrganizationName,DC=MyDomain,DC=local )

Parameters:

searchBase - the search base.

setContextFactoryClassName

public void setContextFactoryClassName(String contextFactoryClassName)

Deprecated.

The context factory to use. This defaults to the SUN LDAP JNDI implementation but can be overridden to use custom LDAP factories.

Parameters:

contextFactoryClassName - the context factory that should be used.

setUrl

public void setUrl(String url)

Deprecated.

The LDAP url to connect to. (e.g. ldap://:)

Parameters:

url - the LDAP url.

setReferral

public void setReferral(String referral)

Deprecated.

Sets the LDAP referral property. Defaults to "follow"

Parameters:

referral - the referral property.

setSystemUsername

public void setSystemUsername(String systemUsername)

Deprecated.

The system username that will be used when connecting to the LDAP server to retrieve authorization information about a user. This must be specified for LDAP authorization to work, but is not required for only authentication.

Parameters:

systemUsername - the username to use when logging into the LDAP server for authorization.

setSystemPassword

public void setSystemPassword(String systemPassword)

Deprecated.

The system password that will be used when connecting to the LDAP server to retrieve authorization information about a user. This must be specified for LDAP authorization to work, but is not required for only authentication.

Parameters:

systemPassword - the password to use when logging into the LDAP server for authorization.

setUsePooling

public void setUsePooling(boolean usePooling)

Deprecated.

Determines whether or not LdapContext pooling is enabled for connections made using the system user account. In the default implementation, this simply sets the com.sun.jndi.ldap.connect.pool property in the LDAP context environment. If you use an LDAP Context Factory that is not Sun's default implementation, you will need to override the default behavior to use this setting in whatever way your underlying LDAP ContextFactory supports. By default, pooling is enabled.

Parameters:

usePooling - true to enable pooling, or false to disable it.

setAdditionalEnvironment

public void setAdditionalEnvironment(Map<String,String> additionalEnvironment)

Deprecated.

These entries are added to the environment map before initializing the LDAP context.

Parameters:

additionalEnvironment - additional environment entries to be configured on the LDAP context.

getSystemLdapContext

public LdapContext getSystemLdapContext()
                                 throws NamingException

Deprecated.

Description copied from interface: LdapContextFactory

Creates (or retrieves from a pool) a LdapContext connection bound using the system account, or anonymously if no system account is configured.

Specified by:

getSystemLdapContext in interface LdapContextFactory

Returns:

a LdapContext bound by the system account, or bound anonymously if no system account is configured.

Throws:

NamingException - if there is an error creating the context.

getLdapContext

@Deprecated
public LdapContext getLdapContext(String username,
                                              String password)
                                       throws NamingException

Deprecated. the getLdapContext(Object, Object) method should be used in all cases to ensure more than String principals and credentials can be used. Shiro no longer calls this method - it will be removed before the 2.0 release.

Deprecated - use getLdapContext(Object, Object) instead. This will be removed before Apache Shiro 2.0.

Specified by:

getLdapContext in interface LdapContextFactory

Parameters:

username - the username to use when creating the connection.

password - the password to use when creating the connection.

Returns:

a LdapContext bound using the given username and password.

Throws:

NamingException - if there is an error creating the context.

getLdapContext

public LdapContext getLdapContext(Object principal,
                                  Object credentials)
                           throws NamingException

Deprecated.

Description copied from interface: LdapContextFactory

Creates (or retrieves from a pool) an LdapContext connection bound using the specified principal and credentials. The format of the principal and credentials are whatever is supported by the underlying LDAP InitialContextFactory implementation. The default Sun (now Oracle) implementation supports anonymous, simple, and SASL-based mechanisms.

This method was added in Shiro 1.1 to address the fact that principals and credentials can be more than just String user DNs and passwords for connecting to LDAP. For example, the credentials can be an X.509 certificate.

Specified by:

getLdapContext in interface LdapContextFactory

Parameters:

principal - the principal to use when acquiring a connection to the LDAP directory

credentials - the credentials (password, X.509 certificate, etc) to use when acquiring a connection to the LDAP directory

Returns:

the acquired LdapContext connection bound using the specified principal and credentials.

Throws:

NamingException - if unable to acquire a connection.

createLdapContext

protected LdapContext createLdapContext(Hashtable env)
                                 throws NamingException

Deprecated.

Creates and returns a new InitialLdapContext instance. This method exists primarily to support testing where a mock LdapContext can be returned instead of actually creating a connection, but subclasses are free to provide a different implementation if necessary.

Parameters:

env - the JNDI environment settings used to create the LDAP connection

Returns:

an LdapConnection

Throws:

NamingException - if a problem occurs creating the connection