Package org.ldaptive.auth
Class Authenticator
java.lang.Object
  org.ldaptive.AbstractFreezable
    org.ldaptive.auth.Authenticator
All Implemented Interfaces:
Freezable
public final class Authenticator extends AbstractFreezable
Provides functionality to authenticate users against an ldap directory.
-
-
Nested Class Summary
Modifier and Type, Class - Description
static class Authenticator.Builder - Authenticator builder.
-
Field Summary
Modifier and Type, Field - Description
private AuthenticationHandler authenticationHandler - Handler to handle authentication.
private DnResolver dnResolver - For finding user DNs.
private EntryResolver entryResolver - For finding user entries.
private Logger logger - Logger for this class.
private static EntryResolver NO_OP_RESOLVER - NoOp entry resolver.
private AuthenticationRequestHandler[] requestHandlers - Handlers to handle authentication requests.
private boolean resolveEntryOnFailure - Whether to execute the entry resolver on authentication failure.
private AuthenticationResponseHandler[] responseHandlers - Handlers to handle authentication responses.
private String[] returnAttributes - User attributes to return.
-
Constructor Summary
Constructor - Description
Authenticator() - Default constructor.
Authenticator(DnResolver resolver, AuthenticationHandler handler) - Creates a new authenticator.
-
Method Summary
Modifier and Type, Method - Description
private AuthenticationResponse authenticate(String dn, AuthenticationRequest request) - Validates input and performs authentication using an AuthenticationHandler.
AuthenticationResponse authenticate(AuthenticationRequest request) - Authenticate the user in the supplied request.
static Authenticator.Builder builder() - Creates a builder for this class.
void close() - Attempts to close any connection factories associated with this authenticator.
private void closeConnectionFactoryManagers(Set<ConnectionFactoryManager> managers) - Attempts to close all the connection factories in the supplied collection.
void freeze() - Freezes this object, making it immutable.
AuthenticationHandler getAuthenticationHandler() - Returns the authentication handler.
DnResolver getDnResolver() - Returns the DN resolver.
EntryResolver getEntryResolver() - Returns the entry resolver.
AuthenticationRequestHandler[] getRequestHandlers() - Returns the authentication request handlers.
boolean getResolveEntryOnFailure() - Returns whether to execute the entry resolver on authentication failure.
AuthenticationResponseHandler[] getResponseHandlers() - Returns the authentication response handlers.
String[] getReturnAttributes() - Returns the return attributes.
private AuthenticationRequest processRequest(String dn, AuthenticationRequest request) - Creates a new authentication request applying any applicable configuration on this authenticator.
String resolveDn(User user) - This will attempt to find the DN for the supplied user.
private LdapEntry resolveEntry(AuthenticationCriteria criteria, AuthenticationHandlerResponse response) - Attempts to find the ldap entry for the supplied DN.
void setAuthenticationHandler(AuthenticationHandler handler) - Sets the authentication handler.
void setDnResolver(DnResolver resolver) - Sets the DN resolver.
void setEntryResolver(EntryResolver resolver) - Sets the entry resolver.
void setRequestHandlers(AuthenticationRequestHandler... handlers) - Sets the authentication request handlers.
void setResolveEntryOnFailure(boolean b) - Sets whether to execute the entry resolver on authentication failure.
void setResponseHandlers(AuthenticationResponseHandler... handlers) - Sets the authentication response handlers.
void setReturnAttributes(String... attrs) - Sets the return attributes.
String toString()
private AuthenticationResponse validateInput(String dn, AuthenticationRequest request) - Validates the authentication request and resolved DN.
-
Methods inherited from class org.ldaptive.AbstractFreezable
assertMutable, freeze, freeze, isFrozen
-
-
-
-
Field Detail
-
NO_OP_RESOLVER
private static final EntryResolver NO_OP_RESOLVER
NoOp entry resolver.
-
logger
private final Logger logger
Logger for this class.
-
dnResolver
private DnResolver dnResolver
For finding user DNs.
-
authenticationHandler
private AuthenticationHandler authenticationHandler
Handler to handle authentication.
-
entryResolver
private EntryResolver entryResolver
For finding user entries.
-
returnAttributes
private String[] returnAttributes
User attributes to return. Concatenated to AuthenticationRequest.getReturnAttributes().
-
requestHandlers
private AuthenticationRequestHandler[] requestHandlers
Handlers to handle authentication requests.
-
responseHandlers
private AuthenticationResponseHandler[] responseHandlers
Handlers to handle authentication responses.
-
resolveEntryOnFailure
private boolean resolveEntryOnFailure
Whether to execute the entry resolver on authentication failure.
-
-
Constructor Detail
-
Authenticator
public Authenticator()
Default constructor.
-
Authenticator
public Authenticator(DnResolver resolver, AuthenticationHandler handler)
Creates a new authenticator.
Parameters:
resolver - dn resolver
handler - authentication handler
-
-
Method Detail
-
freeze
public void freeze()
Description copied from interface: Freezable
Freezes this object, making it immutable.
Specified by:
freeze in interface Freezable
Overrides:
freeze in class AbstractFreezable
-
getDnResolver
public DnResolver getDnResolver()
Returns the DN resolver.
Returns:
DN resolver
-
setDnResolver
public void setDnResolver(DnResolver resolver)
Sets the DN resolver.
Parameters:
resolver - for finding DNs
-
getAuthenticationHandler
public AuthenticationHandler getAuthenticationHandler()
Returns the authentication handler.
Returns:
authentication handler
-
setAuthenticationHandler
public void setAuthenticationHandler(AuthenticationHandler handler)
Sets the authentication handler.
Parameters:
handler - for performing authentication
-
getEntryResolver
public EntryResolver getEntryResolver()
Returns the entry resolver.
Returns:
entry resolver
-
setEntryResolver
public void setEntryResolver(EntryResolver resolver)
Sets the entry resolver.
Parameters:
resolver - for finding entries
-
getResolveEntryOnFailure
public boolean getResolveEntryOnFailure()
Returns whether to execute the entry resolver on authentication failure.
Returns:
whether to execute the entry resolver on authentication failure
-
setResolveEntryOnFailure
public void setResolveEntryOnFailure(boolean b)
Sets whether to execute the entry resolver on authentication failure.
Parameters:
b - whether to execute the entry resolver
-
getReturnAttributes
public String[] getReturnAttributes()
Returns the return attributes.
Returns:
attributes to return
-
setReturnAttributes
public void setReturnAttributes(String... attrs)
Sets the return attributes.
Parameters:
attrs - return attributes
-
getRequestHandlers
public AuthenticationRequestHandler[] getRequestHandlers()
Returns the authentication request handlers.
Returns:
authentication request handlers
-
setRequestHandlers
public void setRequestHandlers(AuthenticationRequestHandler... handlers)
Sets the authentication request handlers.
Parameters:
handlers - authentication request handlers
-
getResponseHandlers
public AuthenticationResponseHandler[] getResponseHandlers()
Returns the authentication response handlers.
Returns:
authentication response handlers
-
setResponseHandlers
public void setResponseHandlers(AuthenticationResponseHandler... handlers)
Sets the authentication response handlers.
Parameters:
handlers - authentication response handlers
-
resolveDn
public String resolveDn(User user) throws LdapException
This will attempt to find the DN for the supplied user. DnResolver.resolve(User) is invoked to perform this operation.
Parameters:
user - to find DN for
Returns:
user DN
Throws:
LdapException - if an LDAP error occurs during resolution
-
authenticate
public AuthenticationResponse authenticate(AuthenticationRequest request) throws LdapException
Authenticate the user in the supplied request.
Parameters:
request - authentication request
Returns:
response containing the ldap entry of the user authenticated
Throws:
LdapException - if an LDAP error occurs
-
close
public void close()
Attempts to close any connection factories associated with this authenticator. Inspects the dnResolver, authenticationHandler and entryResolver for type ConnectionFactoryManager. If found, those underlying connection factories are closed. AggregateDnResolver, AggregateAuthenticationHandler and AggregateEntryResolver are handled as well. Note that custom components that contain connection factories but do not implement ConnectionFactoryManager will not be closed by this method.
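The lifecycle this class implies (configure, freeze, authenticate, close), as an added example that is not part of the ldaptive Javadoc. The URL, base DN, filter and user name are constructed placeholders; SearchDnResolver, SimpleBindAuthenticationHandler, DefaultConnectionFactory and Credential are other ldaptive 2.x classes not documented on this page.

```java
import java.io.Console;
import org.ldaptive.Credential;
import org.ldaptive.DefaultConnectionFactory;
import org.ldaptive.LdapException;
import org.ldaptive.auth.AuthenticationRequest;
import org.ldaptive.auth.AuthenticationResponse;
import org.ldaptive.auth.Authenticator;
import org.ldaptive.auth.SearchDnResolver;
import org.ldaptive.auth.SimpleBindAuthenticationHandler;

public final class AuthenticatorLifecycle {

  // Constructed placeholders (assumptions): directory URL and search base.
  private static final String URL = "ldaps://ldap.example.org";
  private static final String BASE_DN = "ou=people,dc=example,dc=org";

  static Authenticator newAuthenticator() {
    // Each component gets its own connection factory; close() looks for these.
    SearchDnResolver dnResolver = SearchDnResolver.builder()
      .factory(new DefaultConnectionFactory(URL))
      .dn(BASE_DN)
      .filter("(uid={user})")
      .build();
    SimpleBindAuthenticationHandler handler =
      new SimpleBindAuthenticationHandler(new DefaultConnectionFactory(URL));
    Authenticator auth = new Authenticator(dnResolver, handler);
    auth.setReturnAttributes("mail");      // concatenated to each request's attributes
    auth.setResolveEntryOnFailure(false);  // no entry lookup for failed logins
    auth.freeze();                         // configuration is immutable from here on
    return auth;
  }

  public static void main(String[] args) throws LdapException {
    Console console = System.console();
    if (console == null) {
      throw new IllegalStateException("no interactive console for password entry");
    }
    Authenticator auth = newAuthenticator();
    try {
      char[] password = console.readPassword("Password: ");
      AuthenticationResponse response = auth.authenticate(
        new AuthenticationRequest("jdoe", new Credential(password), "displayName"));
      System.out.println(response.isSuccess()
        ? "authenticated as " + response.getLdapEntry().getDn()
        : "authentication failed");
    } finally {
      auth.close();  // releases the factories held by dnResolver and handler
    }
  }
}
```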
-
closeConnectionFactoryManagers
private void closeConnectionFactoryManagers(Set<ConnectionFactoryManager> managers)
Attempts to close all the connection factories in the supplied collection.
Parameters:
managers - to close connection factories for
-
authenticate
private AuthenticationResponse authenticate(String dn, AuthenticationRequest request) throws LdapException
Validates input and performs authentication using an AuthenticationHandler. Executes any configured AuthenticationResponseHandler.
Parameters:
dn - to authenticate as
request - containing authentication parameters
Returns:
ldap entry for the supplied DN
Throws:
LdapException - if an LDAP error occurs
-
validateInput
private AuthenticationResponse validateInput(String dn, AuthenticationRequest request)
Validates the authentication request and resolved DN. Returns an authentication response if validation failed.
Parameters:
dn - to validate
request - to validate
Returns:
authentication response if validation failed, otherwise null
-
processRequest
private AuthenticationRequest processRequest(String dn, AuthenticationRequest request) throws LdapException
Creates a new authentication request applying any applicable configuration on this authenticator. Returns the supplied request if no configuration is applied.
Parameters:
dn - to process
request - to process
Returns:
authentication request
Throws:
LdapException - if an error occurs with a request handler
-
resolveEntry
private LdapEntry resolveEntry(AuthenticationCriteria criteria, AuthenticationHandlerResponse response) throws LdapException
Attempts to find the ldap entry for the supplied DN. If an entry resolver has been configured it is used. A SearchEntryResolver is used if return attributes have been requested. If none of these criteria is met, a NoOpDnResolver is used.
Parameters:
criteria - needed by the entry resolver
response - from the authentication handler
Returns:
ldap entry
Throws:
LdapException - if an error occurs resolving the entry
-
builder
public static Authenticator.Builder builder()
Creates a builder for this class.
Returns:
new builder
-
-