LDAPUserDataProvider (service-proxy-core 4.6.3 API)

java.lang.Object
- com.predic8.membrane.core.interceptor.authentication.session.LDAPUserDataProvider

All Implemented Interfaces:

UserDataProvider
```
public class LDAPUserDataProvider
extends Object
implements UserDataProvider
```
Description

A user data provider querying an LDAP server to authorize users and retrieve attributes.

Explanation
The LDAP User Data Provider performs two jobs:
1. Authentication of a username and password.
2. Retrieval of user attributes.
To achieve this, it first binds to base on the LDAP server url. If binddn is not present, it binds to the LDAP server anonymously, elsewise binddn and bindpw are used for authentication.

Next, a search searchPattern with scope searchScope is executed where "%LOGIN%" is replaced by the escaped version of the username.

The search returning no node or more than one node is treated as failure.

If passwordAttribute is set, and the node has an attribute with this name and this attribute's value starts with "{x-plain}", the password is checked against the rest of the value for equality. If passwordAttribute is not set, a second binding is attempted on the node using the password the user provided.

The user attribute keys specified in the mapping are then renamed according to the mapping and used for further processing (see the other modules of the login interceptor).

For the initial binding, connectTimeout can be used to specify a timeout in milliseconds. For the search, timeout can be used.

If readAttributesAsSelf is not set, the user attributes are collected from the search result. If it is set, an additional request is made after the second successful binding to retrieve the node's attributes.

Nested Class Summary

Nested Classes
Modifier and Type	Class and Description
`static class`	`LDAPUserDataProvider.AttributeMap`
`static class`	`LDAPUserDataProvider.CustomSocketFactory`
`static class`	`LDAPUserDataProvider.SearchScope`

Constructor Summary

Constructors
Constructor and Description

LDAPUserDataProvider()

Constructors
Constructor and Description
`LDAPUserDataProvider()`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`HashMap<String,String>`	`getAttributeMap()`
`String`	`getBase()`
`String`	`getBinddn()`
`String`	`getBindpw()`
`String`	`getConnectTimeout()`
`LDAPUserDataProvider.AttributeMap`	`getMap()`
`String`	`getPasswordAttribute()`
`String`	`getSearchPattern()`
`LDAPUserDataProvider.SearchScope`	`getSearchScope()`
`SSLParser`	`getSslParser()`
`String`	`getTimeout()`
`String`	`getUrl()`
`void`	`init(Router router)`
`boolean`	`isReadAttributesAsSelf()`
`void`	`setAttributeMap(HashMap<String,String> attributeMap)`
`void`	`setBase(String base)`
`void`	`setBinddn(String binddn)`
`void`	`setBindpw(String bindpw)`
`void`	`setConnectTimeout(String connectTimeout)`
`void`	`setMap(LDAPUserDataProvider.AttributeMap map)`
`void`	`setPasswordAttribute(String passwordAttribute)`
`void`	`setReadAttributesAsSelf(boolean readAttributesAsSelf)`
`void`	`setSearchPattern(String searchPattern)`
`void`	`setSearchScope(LDAPUserDataProvider.SearchScope searchScope)`
`void`	`setSslParser(SSLParser sslParser)`
`void`	`setTimeout(String timeout)`
`void`	`setUrl(String url)`
`Map<String,String>`	`verify(Map<String,String> postData)`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail
- LDAPUserDataProvider
```
public LDAPUserDataProvider()
```

Method Detail

verify
```
public Map<String,String> verify(Map<String,String> postData)
```
Specified by:

verify in interface UserDataProvider

Returns:

a hash map containing the user's attributes (used for the token generator or to pass on HTTP headers)

getUrl
```
public String getUrl()
```

setUrl
```
public void setUrl(String url)
```

getBase
```
public String getBase()
```

setBase
```
public void setBase(String base)
```

getBinddn
```
public String getBinddn()
```

setBinddn
```
public void setBinddn(String binddn)
```

getBindpw
```
public String getBindpw()
```

setBindpw
```
public void setBindpw(String bindpw)
```

getSearchPattern
```
public String getSearchPattern()
```

setSearchPattern

public void setSearchPattern(String searchPattern)

getSearchScope

public LDAPUserDataProvider.SearchScope getSearchScope()

setSearchScope

public void setSearchScope(LDAPUserDataProvider.SearchScope searchScope)

Default: subtree

getPasswordAttribute
```
public String getPasswordAttribute()
```

setPasswordAttribute

public void setPasswordAttribute(String passwordAttribute)

getTimeout
```
public String getTimeout()
```

setTimeout

public void setTimeout(String timeout)

Default: 1000

getConnectTimeout
```
public String getConnectTimeout()
```

setConnectTimeout

public void setConnectTimeout(String connectTimeout)

Default: 1000

isReadAttributesAsSelf

public boolean isReadAttributesAsSelf()

setReadAttributesAsSelf

public void setReadAttributesAsSelf(boolean readAttributesAsSelf)

Default: true

getAttributeMap

public HashMap<String,String> getAttributeMap()

setAttributeMap

public void setAttributeMap(HashMap<String,String> attributeMap)

getSslParser
```
public SSLParser getSslParser()
```

setSslParser

public void setSslParser(SSLParser sslParser)

init
```
public void init(Router router)
```
Specified by:

init in interface UserDataProvider

getMap

public LDAPUserDataProvider.AttributeMap getMap()

setMap

public void setMap(LDAPUserDataProvider.AttributeMap map)

Class LDAPUserDataProvider

Nested Class Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

LDAPUserDataProvider

Method Detail

verify

getUrl

setUrl

getBase

setBase

getBinddn

setBinddn

getBindpw

setBindpw

getSearchPattern

setSearchPattern

getSearchScope

setSearchScope

getPasswordAttribute

setPasswordAttribute

getTimeout

setTimeout

getConnectTimeout

setConnectTimeout

isReadAttributesAsSelf

setReadAttributesAsSelf

getAttributeMap

setAttributeMap

getSslParser

setSslParser

init

getMap

setMap