@Transactional(readOnly=true) public class LdapImpl extends AbstractLevel2Service implements ILdap, org.springframework.context.ApplicationContextAware
SecuritySystem
,
Permissions
Modifier and Type | Class and Description |
---|---|
class |
LdapImpl.GroupLoader
Data class which stores the state of the
NewUserGroupBean and
NewUserGroupOwnerBean operations. |
iQuery, iUpdate, metadata, queryFactory, sec
Constructor and Description |
---|
LdapImpl(org.springframework.ldap.core.ContextSource ctx,
org.springframework.ldap.core.LdapOperations ldap,
Roles roles,
LdapConfig config,
RoleProvider roleProvider,
SqlAction sql) |
Modifier and Type | Method and Description |
---|---|
Experimenter |
createUser(String username)
Creates an
Experimenter based on the supplied LDAP username. |
Experimenter |
createUser(String username,
String password)
Creates an
Experimenter based on the supplied LDAP username. |
Experimenter |
createUser(String username,
String password,
boolean checkPassword)
Creates an
Experimenter based on the supplied LDAP username. |
boolean |
createUserFromLdap(String username,
String password)
Deprecated.
|
List<Experimenter> |
discover()
Discovers and lists
Experimenter s who are present
in the remote LDAP server and in the local DB but have the
ldap property set to false . |
List<ExperimenterGroup> |
discoverGroups()
Discovers and lists
ExperimenterGroup s which are
present in the remote LDAP server and in the local DB but have the
ldap property set to false . |
String |
findDN(String username)
Searches unique Distinguished Name -
String in LDAP for
Common Name equals username. |
Experimenter |
findExperimenter(String username)
Searches Experimenter by unique Distinguished Name -
String in LDAP for Common Name equals username. |
ExperimenterGroup |
findGroup(String groupname)
Looks up a specific
ExperimenterGroup in LDAP
using the provided group name. |
String |
findGroupDN(String groupname)
Looks up the DN for a group.
|
Class<? extends ServiceInterface> |
getServiceInterface() |
boolean |
getSetting()
Gets config value from properties.
|
List<Long> |
loadLdapGroups(String username,
org.springframework.ldap.core.DistinguishedName dn)
Deprecated.
|
String |
lookupLdapAuthExperimenter(Long id)
Queries the LDAP server and returns the DN for the specified OMERO user
ID.
|
List<Map<String,Object>> |
lookupLdapAuthExperimenters()
Queries the LDAP server and returns the DN for all OMERO users that have
the
ldap flag enabled. |
List<Experimenter> |
searchAll()
Searches all
Experimenter list on LDAP for
attribute objectClass = person. |
List<Experimenter> |
searchByAttribute(String dns,
String attr,
String value)
Searches all
Experimenter in LDAP for specified
attribute |
List<Experimenter> |
searchByAttributes(String dn,
String[] attributes,
String[] values)
Searches all
Experimenter in LDAP for specified
attributes. |
Experimenter |
searchByDN(String dns)
Searches one
Experimenter in LDAP for specified
Distinguished Name - String |
List<String> |
searchDnInGroups(String attr,
String value)
Searches Distinguished Name -
String in groups |
void |
setApplicationContext(org.springframework.context.ApplicationContext arg0) |
void |
setDN(Long experimenterID,
String dn)
Deprecated.
|
void |
synchronizeLdapUser(String username) |
boolean |
validatePassword(String dn,
String password)
Validates password for base.
|
getBeanHelper, getExtendedMetadata, getQueryFactory, getSecuritySystem, selfConfigure, setExtendedMetadata, setQueryFactory, setQueryService, setSecuritySystem, setUpdateService
public LdapImpl(org.springframework.ldap.core.ContextSource ctx, org.springframework.ldap.core.LdapOperations ldap, Roles roles, LdapConfig config, RoleProvider roleProvider, SqlAction sql)
public void setApplicationContext(org.springframework.context.ApplicationContext arg0) throws org.springframework.beans.BeansException
setApplicationContext
in interface org.springframework.context.ApplicationContextAware
org.springframework.beans.BeansException
public Class<? extends ServiceInterface> getServiceInterface()
getServiceInterface
in interface SelfConfigurableService
public List<Experimenter> searchAll()
ILdap
Experimenter
list on LDAP for
attribute objectClass = person.public List<Experimenter> searchByAttribute(String dns, String attr, String value)
ILdap
Experimenter
in LDAP for specified
attributesearchByAttribute
in interface ILdap
dns
- Distinguished Name
base for search. Never null.attr
- Name of attribute. Never null or empty.value
- Expected value of attribute. Never null or empty.public Experimenter searchByDN(String dns)
ILdap
Experimenter
in LDAP for specified
Distinguished Name - String
searchByDN
in interface ILdap
dns
- unique Distinguished Name - String
of user,
Never null or empty.public String findDN(String username)
ILdap
String
in LDAP for
Common Name equals username. Common Name should be unique under the
specified base. If list of cn's contains more then one DN will return
exception.public String findGroupDN(String groupname)
ILdap
findGroupDN
in interface ILdap
public Experimenter findExperimenter(String username)
ILdap
String
in LDAP for Common Name equals username. Common
Name should be unique under the specified base. If list of cn's contains
more then one DN will return exception.findExperimenter
in interface ILdap
username
- Name of the Experimenter equals CommonName.public ExperimenterGroup findGroup(String groupname)
ILdap
ExperimenterGroup
in LDAP
using the provided group name. It is expected that the group name will be
unique in the searched LDAP base tree. If more than one group with the
specified name has been found, an exception will be thrown.public List<String> searchDnInGroups(String attr, String value)
ILdap
String
in groupssearchDnInGroups
in interface ILdap
attr
- Name of member attribute. Never null or empty.value
- User's DN which should be set on value for attribute.
Never null or empty.public List<Experimenter> searchByAttributes(String dn, String[] attributes, String[] values)
ILdap
Experimenter
in LDAP for specified
attributes. Attributes should be specified in String [] and their values
should be set in equivalent String [].searchByAttributes
in interface ILdap
dn
- DistinguishedName
base for search. Never null.attributes
- Name of attribute. Never null or empty.values
- Expected value of attribute. Never null or empty.@Transactional(readOnly=false) @Deprecated public void setDN(Long experimenterID, String dn)
ILdap
dn
column in the password
table to the supplied string, for the supplied
Experimenter
ID.public boolean getSetting()
ILdap
getSetting
in interface ILdap
public void synchronizeLdapUser(String username)
@Deprecated @Transactional(readOnly=false) public boolean createUserFromLdap(String username, String password)
Experimenter
based on the supplied LDAP username.
Doesn't validate the user's password and can be only executed by admin
users.username
- The user's LDAP username.password
- The user's LDAP password, not null.@Transactional(readOnly=false) public Experimenter createUser(String username)
Experimenter
based on the supplied LDAP username.
Doesn't validate the user's password and can be only executed by admin
users.createUser
in interface ILdap
username
- The user's LDAP username.Experimenter
object.public Experimenter createUser(String username, String password)
Experimenter
based on the supplied LDAP username.
Enforces user password validation.username
- The user's LDAP username.password
- The user's LDAP password, not null.Experimenter
object.public Experimenter createUser(String username, String password, boolean checkPassword)
Experimenter
based on the supplied LDAP username.
A boolean flag controls if password checks should be performed.username
- The user's LDAP username.password
- The user's password.checkPassword
- Flag indicating if password check should be performed.Experimenter
object.@Deprecated public List<Long> loadLdapGroups(String username, org.springframework.ldap.core.DistinguishedName dn)
public boolean validatePassword(String dn, String password)
dn
- the user's distinguished namepassword
- the user's passwordpublic List<Map<String,Object>> lookupLdapAuthExperimenters()
ldap
flag enabled.public String lookupLdapAuthExperimenter(Long id)
ldap
flag enabled.id
- The user ID.public List<Experimenter> discover()
ILdap
Experimenter
s who are present
in the remote LDAP server and in the local DB but have the
ldap
property set to false
.public List<ExperimenterGroup> discoverGroups()
ILdap
ExperimenterGroup
s which are
present in the remote LDAP server and in the local DB but have the
ldap
property set to false
.discoverGroups
in interface ILdap
Version: 5.3.5-ice35-b73
Copyright © 2017 The University of Dundee & Open Microscopy Environment. All Rights Reserved.