Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

com.xpn.xwiki.user.impl.LDAP
Class XWikiLDAPAuthServiceImpl

java.lang.Object
  extended by com.xpn.xwiki.user.impl.xwiki.AbstractXWikiAuthService
      extended by com.xpn.xwiki.user.impl.xwiki.XWikiAuthServiceImpl
          extended by com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl
All Implemented Interfaces:
XWikiAuthService
public class XWikiLDAPAuthServiceImpl
extends XWikiAuthServiceImpl

This class provides an authentication method that validates a user trough LDAP against a directory. It gives LDAP users access if they belong to a particular group, creates XWiki users if they have never logged in before and synchronizes membership to XWiki groups based on membership to LDAP groups.

Since:
1.3 M2
Version:
$Id: XWikiLDAPAuthServiceImpl.java 14437 2008-11-25 13:29:03Z tmortagne $

Field Summary
 
Fields inherited from class com.xpn.xwiki.user.impl.xwiki.XWikiAuthServiceImpl
authenticator
 
Constructor Summary
XWikiLDAPAuthServiceImpl()
           
 
Method Summary
protected  void addUserToXWikiGroup(java.lang.String xwikiUserName, java.lang.String groupName, XWikiContext context)
          Add user name to provided XWiki group.
 java.security.Principal authenticate(java.lang.String login, java.lang.String password, XWikiContext context)
          
protected  XWikiDocument createUserFromLDAP(XWikiDocument userProfile, java.util.List<XWikiLDAPSearchAttribute> searchAttributes, java.lang.String ldapDN, java.lang.String ldapUid, XWikiContext context)
          Create an XWiki user and set all mapped attributes from LDAP to XWiki attributes.
 java.lang.String[] getAttributeNameTable(XWikiContext context)
           
protected  XWikiDocument getAvailableUserProfile(java.lang.String validXWikiUserName, java.lang.String ldapUid, XWikiContext context)
           
protected  XWikiDocument getUserProfileByUid(java.lang.String validXWikiUserName, java.lang.String ldapUid, XWikiContext context)
           
protected  java.security.Principal ldapAuthenticate(java.lang.String login, java.lang.String password, XWikiContext context)
          Try both local and global ldap login and return Principal.
protected  java.security.Principal ldapAuthenticateInContext(java.lang.String ldapUid, java.lang.String validXWikiUserName, java.lang.String password, XWikiContext context)
          Try LDAP login for given context and return Principal.
protected  void removeUserFromXWikiGroup(java.lang.String xwikiUserName, java.lang.String groupName, XWikiContext context)
          Remove user name from provided XWiki group.
protected  void syncGroupMembership(java.lang.String xwikiUserName, java.lang.String userDN, java.lang.String xwikiGroupName, java.util.Collection<java.lang.String> userGroups, java.util.Map<java.lang.String,java.lang.String> groupMembers, XWikiContext context)
          Synchronize user XWiki membership with it's LDAP membership for provided group.
protected  void syncGroupsMembership(java.lang.String xwikiUserName, java.lang.String ldapDn, boolean createuser, XWikiLDAPUtils ldapUtils, XWikiContext context)
          Synchronize user XWiki membership with it's LDAP membership.
protected  void syncGroupsMembership(java.lang.String xwikiUserName, java.lang.String userDN, java.util.Map<java.lang.String,java.util.Set<java.lang.String>> groupMappings, XWikiLDAPUtils ldapUtils, XWikiContext context)
          Synchronize user XWiki membership with it's LDAP membership.
protected  void syncUser(XWikiDocument userProfile, java.util.List<XWikiLDAPSearchAttribute> searchAttributeListIn, java.lang.String ldapDn, java.lang.String ldapUid, XWikiLDAPUtils ldapUtils, XWikiContext context)
          Update or create XWiki user base on LDAP.
protected  void updateUserFromLDAP(XWikiDocument userProfile, java.util.List<XWikiLDAPSearchAttribute> searchAttributes, java.lang.String ldapDN, java.lang.String ldapUid, XWikiContext context)
          Sets attributes on the user object based on attribute values provided by the LDAP.
protected  java.security.Principal xwikiAuthenticate(java.lang.String ldapUid, java.lang.String ldapPassword, XWikiContext context)
          Try both local and global DB login if trylocal is true Principal.
 
Methods inherited from class com.xpn.xwiki.user.impl.xwiki.XWikiAuthServiceImpl
checkAuth, checkAuth, checkPassword, createUser, findUser, getAuthenticator, getParam, showLogin, stripContextPathFromURL
 
Methods inherited from class com.xpn.xwiki.user.impl.xwiki.AbstractXWikiAuthService
authenticateSuperAdmin, isSuperAdmin
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

XWikiLDAPAuthServiceImpl

public XWikiLDAPAuthServiceImpl()
Method Detail

authenticate

public java.security.Principal authenticate(java.lang.String login,
                                            java.lang.String password,
                                            XWikiContext context)
                                     throws XWikiException

Specified by:
authenticate in interface XWikiAuthService
Overrides:
authenticate in class XWikiAuthServiceImpl
Returns:
a null Principal Object if the user hasn't been authenticated or a valid Principal Object if the user is correctly authenticated
Throws:
XWikiException
See Also:
XWikiAuthServiceImpl.authenticate(java.lang.String, java.lang.String, com.xpn.xwiki.XWikiContext)

ldapAuthenticate

protected java.security.Principal ldapAuthenticate(java.lang.String login,
                                                   java.lang.String password,
                                                   XWikiContext context)
Try both local and global ldap login and return Principal.

Parameters:
login - the name of the user to log in.
password - the password of the user to log in.
context - the XWiki context.
Returns:
the Principal.

xwikiAuthenticate

protected java.security.Principal xwikiAuthenticate(java.lang.String ldapUid,
                                                    java.lang.String ldapPassword,
                                                    XWikiContext context)
                                             throws XWikiException
Try both local and global DB login if trylocal is true Principal.

Parameters:
ldapUid - the name of the user to log in.
ldapPassword - the password of the user to log in.
context - the XWiki context.
Returns:
the Principal.
Throws:
XWikiException - error when checking user name and password.

ldapAuthenticateInContext

protected java.security.Principal ldapAuthenticateInContext(java.lang.String ldapUid,
                                                            java.lang.String validXWikiUserName,
                                                            java.lang.String password,
                                                            XWikiContext context)
                                                     throws XWikiException,
                                                            java.io.UnsupportedEncodingException,
                                                            com.novell.ldap.LDAPException
Try LDAP login for given context and return Principal.

Parameters:
ldapUid - the name of the ldap user to log in.
validXWikiUserName - the name of the XWiki user to log in.
password - the password of the user to log in.
context - the XWiki context.
Returns:
the Principal.
Throws:
XWikiException - error when login.
java.io.UnsupportedEncodingException - error when login.
com.novell.ldap.LDAPException - error when login.

getAttributeNameTable

public java.lang.String[] getAttributeNameTable(XWikiContext context)
Parameters:
context - the XWiki context.
Returns:
the LDAP user attributes names.

syncUser

protected void syncUser(XWikiDocument userProfile,
                        java.util.List<XWikiLDAPSearchAttribute> searchAttributeListIn,
                        java.lang.String ldapDn,
                        java.lang.String ldapUid,
                        XWikiLDAPUtils ldapUtils,
                        XWikiContext context)
                 throws XWikiException
Update or create XWiki user base on LDAP.

Parameters:
userName - the name of the user.
userDN - the LDAP user DN.
searchAttributeListIn - the attributes.
ldapUtils - the LDAP communication tool.
context - the XWiki context.
Throws:
XWikiException - error when updating or creating XWiki user.

syncGroupsMembership

protected void syncGroupsMembership(java.lang.String xwikiUserName,
                                    java.lang.String ldapDn,
                                    boolean createuser,
                                    XWikiLDAPUtils ldapUtils,
                                    XWikiContext context)
                             throws XWikiException
Synchronize user XWiki membership with it's LDAP membership.

Parameters:
xwikiUserName - the name of the user.
ldapDn - the LDAP DN of the user.
createuser - indicate if the user is created or updated.
ldapUtils - the LDAP communication tool.
context - the XWiki context.
Throws:
XWikiException - error when synchronizing user membership.

syncGroupsMembership

protected void syncGroupsMembership(java.lang.String xwikiUserName,
                                    java.lang.String userDN,
                                    java.util.Map<java.lang.String,java.util.Set<java.lang.String>> groupMappings,
                                    XWikiLDAPUtils ldapUtils,
                                    XWikiContext context)
                             throws XWikiException
Synchronize user XWiki membership with it's LDAP membership.

Parameters:
xwikiUserName - the name of the user.
userDN - the LDAP DN of the user.
groupMappings - the mapping between XWiki groups names and LDAP groups names.
ldapUtils - the LDAP communication tool.
context - the XWiki context.
Throws:
XWikiException - error when synchronizing user membership.

syncGroupMembership

protected void syncGroupMembership(java.lang.String xwikiUserName,
                                   java.lang.String userDN,
                                   java.lang.String xwikiGroupName,
                                   java.util.Collection<java.lang.String> userGroups,
                                   java.util.Map<java.lang.String,java.lang.String> groupMembers,
                                   XWikiContext context)
Synchronize user XWiki membership with it's LDAP membership for provided group.

Parameters:
xwikiUserName - the name of the user.
userDN - the LDAP DN of the user.
xwikiGroupName - the name of the XWiki group.
userGroups - the XWiki groups of user.
groupMembers - the members of LDAP group.
context - the XWiki context.

addUserToXWikiGroup

protected void addUserToXWikiGroup(java.lang.String xwikiUserName,
                                   java.lang.String groupName,
                                   XWikiContext context)
Add user name to provided XWiki group.

Parameters:
xwikiUserName - the full name of the user.
groupName - the name of the group.
context - the XWiki context.

removeUserFromXWikiGroup

protected void removeUserFromXWikiGroup(java.lang.String xwikiUserName,
                                        java.lang.String groupName,
                                        XWikiContext context)
Remove user name from provided XWiki group.

Parameters:
xwikiUserName - the full name of the user.
groupName - the name of the group.
context - the XWiki context.

updateUserFromLDAP

protected void updateUserFromLDAP(XWikiDocument userProfile,
                                  java.util.List<XWikiLDAPSearchAttribute> searchAttributes,
                                  java.lang.String ldapDN,
                                  java.lang.String ldapUid,
                                  XWikiContext context)
                           throws XWikiException
Sets attributes on the user object based on attribute values provided by the LDAP.

Parameters:
xwikiUserName - the XWiki user name.
searchAttributes - the attributes.
context - the XWiki context.
Throws:
XWikiException - error when updating XWiki user.

createUserFromLDAP

protected XWikiDocument createUserFromLDAP(XWikiDocument userProfile,
                                           java.util.List<XWikiLDAPSearchAttribute> searchAttributes,
                                           java.lang.String ldapDN,
                                           java.lang.String ldapUid,
                                           XWikiContext context)
                                    throws XWikiException
Create an XWiki user and set all mapped attributes from LDAP to XWiki attributes.

Parameters:
userProfile - the XWiki user profile.
searchAttributes - the attributes.
ldapDN - the LDAP DN of the user.
ldapUid - the LDAP unique id of the user.
context - the XWiki context.
Returns:
the created user.
Throws:
XWikiException - error when creating XWiki user.

getUserProfileByUid

protected XWikiDocument getUserProfileByUid(java.lang.String validXWikiUserName,
                                            java.lang.String ldapUid,
                                            XWikiContext context)
                                     throws XWikiException
Throws:
XWikiException

getAvailableUserProfile

protected XWikiDocument getAvailableUserProfile(java.lang.String validXWikiUserName,
                                                java.lang.String ldapUid,
                                                XWikiContext context)
                                         throws XWikiException
Throws:
XWikiException
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2004-2008 XWiki. All Rights Reserved.