Package org.ldaptive.auth

Class Authenticator

java.lang.Object
org.ldaptive.AbstractFreezable
org.ldaptive.auth.Authenticator
All Implemented Interfaces:
Freezable
public final class Authenticator extends AbstractFreezable
Provides functionality to authenticate users against an ldap directory.

  • Field Details

    • NO_OP_RESOLVER

      private static final EntryResolver NO_OP_RESOLVER
      NoOp entry resolver.

    • logger

      private final Logger logger
      Logger for this class.

    • dnResolver

      private DnResolver dnResolver
      For finding user DNs.

    • authenticationHandler

      private AuthenticationHandler authenticationHandler
      Handler to handle authentication.

    • entryResolver

      private EntryResolver entryResolver
      For finding user entries.

    • returnAttributes

      private String[] returnAttributes
      User attributes to return. Concatenated to AuthenticationRequest.getReturnAttributes().

    • requestHandlers

      private AuthenticationRequestHandler[] requestHandlers
      Handlers to handle authentication requests.

    • responseHandlers

      private AuthenticationResponseHandler[] responseHandlers
      Handlers to handle authentication responses.

    • resolveEntryOnFailure

      private boolean resolveEntryOnFailure
      Whether to execute the entry resolver on authentication failure.

  • Constructor Details

    • Authenticator

      public Authenticator()
      Default constructor.

    • Authenticator

      public Authenticator(DnResolver resolver, AuthenticationHandler handler)
      Creates a new authenticator.
      Parameters:
      resolver - dn resolver
      handler - authentication handler

  • Method Details

    • freeze

      public void freeze()
      Description copied from interface: Freezable
      Freezes this object, making it immutable.
      Specified by:
      freeze in interface Freezable
      Overrides:
      freeze in class AbstractFreezable

    • getDnResolver

      public DnResolver getDnResolver()
      Returns the DN resolver.
      Returns:
      DN resolver

    • setDnResolver

      public void setDnResolver(DnResolver resolver)
      Sets the DN resolver.
      Parameters:
      resolver - for finding DNs

    • getAuthenticationHandler

      public AuthenticationHandler getAuthenticationHandler()
      Returns the authentication handler.
      Returns:
      authentication handler

    • setAuthenticationHandler

      public void setAuthenticationHandler(AuthenticationHandler handler)
      Sets the authentication handler.
      Parameters:
      handler - for performing authentication

    • getEntryResolver

      public EntryResolver getEntryResolver()
      Returns the entry resolver.
      Returns:
      entry resolver

    • setEntryResolver

      public void setEntryResolver(EntryResolver resolver)
      Sets the entry resolver.
      Parameters:
      resolver - for finding entries

    • getResolveEntryOnFailure

      public boolean getResolveEntryOnFailure()
      Returns whether to execute the entry resolver on authentication failure.
      Returns:
      whether to execute the entry resolver on authentication failure

    • setResolveEntryOnFailure

      public void setResolveEntryOnFailure(boolean b)
      Sets whether to execute the entry resolver on authentication failure.
      Parameters:
      b - whether to execute the entry resolver

    • getReturnAttributes

      public String[] getReturnAttributes()
      Returns the return attributes.
      Returns:
      attributes to return

    • setReturnAttributes

      public void setReturnAttributes(String... attrs)
      Sets the return attributes.
      Parameters:
      attrs - return attributes

    • getRequestHandlers

      public AuthenticationRequestHandler[] getRequestHandlers()
      Returns the authentication request handlers.
      Returns:
      authentication request handlers

    • setRequestHandlers

      public void setRequestHandlers(AuthenticationRequestHandler... handlers)
      Sets the authentication request handlers.
      Parameters:
      handlers - authentication request handlers

    • getResponseHandlers

      public AuthenticationResponseHandler[] getResponseHandlers()
      Returns the authentication response handlers.
      Returns:
      authentication response handlers

    • setResponseHandlers

      public void setResponseHandlers(AuthenticationResponseHandler... handlers)
      Sets the authentication response handlers.
      Parameters:
      handlers - authentication response handlers

    • resolveDn

      public String resolveDn(User user) throws LdapException
      This will attempt to find the DN for the supplied user. DnResolver.resolve(User) is invoked to perform this operation.
      Parameters:
      user - to find DN for
      Returns:
      user DN
      Throws:
      LdapException - if an LDAP error occurs during resolution

    • authenticate

      public AuthenticationResponse authenticate(AuthenticationRequest request) throws LdapException
      Authenticate the user in the supplied request.
      Parameters:
      request - authentication request
      Returns:
      response containing the ldap entry of the user authenticated
      Throws:
      LdapException - if an LDAP error occurs

    • close

      public void close()
      Attempts to close any connection factories associated with this authenticator. Inspects the dnResolver, authenticationHandler and entryResolver for type ConnectionFactoryManager. If found, those underlying connection factories are closed. AggregateDnResolver, AggregateAuthenticationHandler and AggregateEntryResolver are handled as well. Note that custom components that contain connection factories but do not implement ConnectionFactoryManager will not be closed by this method.

    • closeConnectionFactoryManagers

      private void closeConnectionFactoryManagers(Set<ConnectionFactoryManager> managers)
      Attempts to close all the connection factories in the supplied collection.
      Parameters:
      managers - to close connection factories for

    • authenticate

      private AuthenticationResponse authenticate(String dn, AuthenticationRequest request) throws LdapException
      Validates input and performs authentication using an AuthenticationHandler. Executes any configured AuthenticationResponseHandler.
      Parameters:
      dn - to authenticate as
      request - containing authentication parameters
      Returns:
      ldap entry for the supplied DN
      Throws:
      LdapException - if an LDAP error occurs

    • validateInput

      private AuthenticationResponse validateInput(String dn, AuthenticationRequest request)
      Validates the authentication request and resolved DN. Returns an authentication response if validation failed.
      Parameters:
      dn - to validate
      request - to validate
      Returns:
      authentication response if validation failed, otherwise null

    • processRequest

      private AuthenticationRequest processRequest(String dn, AuthenticationRequest request) throws LdapException
      Creates a new authentication request applying any applicable configuration on this authenticator. Returns the supplied request if no configuration is applied.
      Parameters:
      dn - to process
      request - to process
      Returns:
      authentication request
      Throws:
      LdapException - if an error occurs with a request handler

    • resolveEntry

      private LdapEntry resolveEntry(AuthenticationCriteria criteria, AuthenticationHandlerResponse response) throws LdapException
      Attempts to find the ldap entry for the supplied DN. If an entry resolver has been configured it is used. A SearchEntryResolver is used if return attributes have been requested. If none of these criteria is met, a NoOpDnResolver is used.
      Parameters:
      criteria - needed by the entry resolver
      response - from the authentication handler
      Returns:
      ldap entry
      Throws:
      LdapException - if an error occurs resolving the entry

    • toString

      public String toString()
      Overrides:
      toString in class Object

    • builder

      public static Authenticator.Builder builder()
      Creates a builder for this class.
      Returns:
      new builder