ome.security.auth.providers
Class LdapPasswordProvider431
java.lang.Object
ome.security.auth.ConfigurablePasswordProvider
ome.security.auth.providers.LdapPasswordProvider431
- All Implemented Interfaces:
- PasswordProvider, PasswordUtility, org.springframework.context.ApplicationContextAware
public class LdapPasswordProvider431
- extends ConfigurablePasswordProvider
LDAP PasswordProvider
which can create users on
request
to synchronize with an LDAP
directory. Assuming that a user exists in the configured LDAP store but not
in the database, then a new user will be created. Authentication, however,
always takes place against LDAP, and changing passwords is not allowed.
Note: deleted LDAP users will not be removed from OMERO, but will not be able
to login.
Note: unlike ome.security.auth.LdapPassProvider
, this implementation
(the default LDAP password provider up until 4.3.2) does not check
the user_filter on every login, but only when a user does not exist. This means
that when using this implementation it is not possible to remove a user's login
simply by modifying a part of the user_filter. To workaround various issues described
under tickets #6248 and #6885, it was necessary to retain this logic in 4.3.3.
- Since:
- 4.0
- Author:
- Josh Moore, josh at glencoesoftware.com
- See Also:
SecuritySystem
,
Permissions
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
ldapUtil
protected final LdapImpl ldapUtil
LdapPasswordProvider431
public LdapPasswordProvider431(PasswordUtil util,
LdapImpl ldap)
LdapPasswordProvider431
public LdapPasswordProvider431(PasswordUtil util,
LdapImpl ldap,
boolean ignoreUnknown)
hasPassword
public boolean hasPassword(String user)
- Only returns if the user is already in the database and has a DN value in
the password table. Note: after a call to
#checkPassword(String, String)
with this same user value, this
method might begin to return true due to a call to
LocalLdap#createUserFromLdap(String, String)
.
- Specified by:
hasPassword
in interface PasswordProvider
- Overrides:
hasPassword
in class ConfigurablePasswordProvider
checkPassword
public Boolean checkPassword(String user,
String password,
boolean readOnly)
- Description copied from class:
ConfigurablePasswordProvider
- If
ConfigurablePasswordProvider.ignoreUnknown
is true, returns null, since the base class
knows no users. Otherwise, return Boolean.FALSE
specifying that
authentication should fail.
- Specified by:
checkPassword
in interface PasswordProvider
- Overrides:
checkPassword
in class ConfigurablePasswordProvider
OmeroJava Api
Version: 4.3.4-dbcbce5a-b4
Copyright © 2009 The University of Dundee. All Rights Reserved.