public class LdapPasswordProvider extends ConfigurablePasswordProvider
PasswordProvider
which can create users on
request
to synchronize with an LDAP
directory. Assuming that a user exists in the configured LDAP store but not
in the database, then a new user will be created. Authentication, however,
always takes place against LDAP, and changing passwords is not allowed.
Note: deleted LDAP users will not be removed from OMERO, but will not be able
to login.SecuritySystem
,
Permissions
Modifier and Type | Field and Description |
---|---|
protected LdapImpl |
ldapUtil |
ctx, hash, ignoreUnknown, legacyUtil, log, salt, util
Constructor and Description |
---|
LdapPasswordProvider(PasswordUtil util,
LdapImpl ldap) |
LdapPasswordProvider(PasswordUtil util,
LdapImpl ldap,
boolean ignoreUnknown) |
Modifier and Type | Method and Description |
---|---|
Boolean |
checkPassword(String user,
String password,
boolean readOnly)
If
ConfigurablePasswordProvider.ignoreUnknown is true, returns null, since the base class
knows no users. |
boolean |
hasPassword(String user)
Only returns if the user is already in the database and has a DN value in
the password table.
|
changePassword, comparePasswords, comparePasswords, comparePasswords, encodePassword, encodePassword, encodeSaltedPassword, loginAttempt, setApplicationContext, setLegacyUtil
protected final LdapImpl ldapUtil
public LdapPasswordProvider(PasswordUtil util, LdapImpl ldap)
public LdapPasswordProvider(PasswordUtil util, LdapImpl ldap, boolean ignoreUnknown)
public boolean hasPassword(String user)
#checkPassword(String, String)
with this same user value, this
method might begin to return true due to a call to
LocalLdap#createUser(String, String)
.hasPassword
in interface PasswordProvider
hasPassword
in class ConfigurablePasswordProvider
public Boolean checkPassword(String user, String password, boolean readOnly)
ConfigurablePasswordProvider
ConfigurablePasswordProvider.ignoreUnknown
is true, returns null, since the base class
knows no users. Otherwise, return Boolean.FALSE
specifying that
authentication should fail.checkPassword
in interface PasswordProvider
checkPassword
in class ConfigurablePasswordProvider
Version: 5.1.3-ice35-b52
Copyright © 2015 The University of Dundee & Open Microscopy Environment. All Rights Reserved.