public class RoleToGroupMappingJndiRealm extends org.apache.catalina.realm.JNDIRealm implements RoleGroupMapper
JNDIRealm
where we take care of the
role to ldap group mapping
Set the pathname
parameter to the role-mapping file where the
role to ldap group mapping is defined.org.apache.catalina.realm.JNDIRealm.JNDIConnection, org.apache.catalina.realm.JNDIRealm.User
adCompat, alternateURL, authentication, commonRole, connectionAttempt, connectionName, connectionPassword, connectionPool, connectionPoolSize, connectionTimeout, connectionURL, contextFactory, DEREF_ALIASES, derefAliases, protocol, readTimeout, referrals, roleBase, roleName, roleNested, roleSearch, roleSearchAsUser, roleSubtree, singleConnection, singleConnectionLock, sizeLimit, spnegoDelegationQop, timeLimit, useContextClassLoader, useDelegatedCredential, userBase, userPassword, userPattern, userPatternArray, userRoleAttribute, userRoleName, userSearch, userSubtree
allRolesMode, container, containerLog, realmPath, sm, stripRealmForGss, support, USER_ATTRIBUTES_DELIMITER, USER_ATTRIBUTES_WILDCARD, userAttributes, userAttributesList, validate, x509UsernameRetriever, x509UsernameRetrieverClassName
AFTER_DESTROY_EVENT, AFTER_INIT_EVENT, AFTER_START_EVENT, AFTER_STOP_EVENT, BEFORE_DESTROY_EVENT, BEFORE_INIT_EVENT, BEFORE_START_EVENT, BEFORE_STOP_EVENT, CONFIGURE_START_EVENT, CONFIGURE_STOP_EVENT, PERIODIC_EVENT, START_EVENT, STOP_EVENT
Constructor and Description |
---|
RoleToGroupMappingJndiRealm() |
Modifier and Type | Method and Description |
---|---|
void |
addRoleGroupMapping(String role,
String group)
Add the role and it's link(mapping) to the context where the webapp is
running in.
|
protected org.apache.tomcat.util.digester.Digester |
getDigester() |
String |
getPathname() |
protected List<String> |
getRoles(org.apache.catalina.realm.JNDIRealm.JNDIConnection connection,
org.apache.catalina.realm.JNDIRealm.User user)
Overrides getRoles to find the nested group memberships of this user, assuming users and groups
have a "memberOf" like attribute (specifed by 'userRoleName' and 'roleName') that specifies the groups
they are member of.
|
List<String> |
getRoles(org.apache.catalina.realm.JNDIRealm.JNDIConnection connection,
String username)
Find the LDAP group memberships of this user.
|
List<String> |
getRoles(String username)
Find the LDAP group memberships of this user.
|
protected void |
initMappingConfig()
Read the mapping configuration and apply the role group mapping to the container
|
protected void |
reportMappingConfig()
Report the roles mapping configured on the container
|
void |
setPathname(String pathname) |
protected void |
startInternal() |
authenticate, authenticate, authenticate, authenticate, authenticate, authenticate, authenticate, bindAsUser, checkCredentials, close, closePooledConnections, compareCredentials, convertToHexEscape, create, doAttributeValueEscaping, doFilterEscaping, doRFC2254Encoding, get, getAdCompat, getAlternateURL, getAuthentication, getCommonRole, getConnectionName, getConnectionPassword, getConnectionPoolSize, getConnectionTimeout, getConnectionURL, getContextFactory, getDerefAliases, getDirectoryContextEnvironment, getDistinguishedName, getForceDnHexEscape, getHostnameVerifier, getHostnameVerifierClassName, getPassword, getPrincipal, getPrincipal, getPrincipal, getPrincipal, getProtocol, getReadTimeout, getReferrals, getRoleBase, getRoleName, getRoleNested, getRoleSearch, getRoleSubtree, getSizeLimit, getSpnegoDelegationQop, getTimeLimit, getUser, getUser, getUser, getUserBase, getUserByPattern, getUserByPattern, getUserBySearch, getUserPassword, getUserPattern, getUserRoleAttribute, getUserRoleName, getUserSearch, getUserSubtree, getUseStartTls, isAvailable, isRoleSearchAsUser, isUseContextClassLoader, isUseDelegatedCredential, isUserSearchAsUser, open, parseUserPatternString, release, setAdCompat, setAlternateURL, setAuthentication, setCipherSuites, setCommonRole, setConnectionName, setConnectionPassword, setConnectionPoolSize, setConnectionTimeout, setConnectionURL, setContextFactory, setDerefAliases, setForceDnHexEscape, setHostnameVerifierClassName, setProtocol, setReadTimeout, setReferrals, setRoleBase, setRoleName, setRoleNested, setRoleSearch, setRoleSearchAsUser, setRoleSubtree, setSizeLimit, setSpnegoDelegationQop, setSslProtocol, setSslSocketFactoryClassName, setTimeLimit, setUseContextClassLoader, setUseDelegatedCredential, setUserBase, setUserPassword, setUserPattern, setUserRoleAttribute, setUserRoleName, setUserSearch, setUserSearchAsUser, setUserSubtree, setUseStartTls, stopInternal
addPropertyChangeListener, authenticate, backgroundProcess, findSecurityConstraints, getAllRolesMode, getContainer, getCredentialHandler, getDigest, getDigest, getDomainInternal, getObjectNameKeyProperties, getPrincipal, getRealmPath, getRealmSuffix, getRoles, getServer, getTransportGuaranteeRedirectStatus, getUserAttributes, getValidate, getX509UsernameRetrieverClassName, hasMessageDigest, hasResourcePermission, hasRole, hasRoleInternal, hasUserDataPermission, initInternal, isStripRealmForGss, main, parseUserAttributes, removePropertyChangeListener, setAllRolesMode, setContainer, setCredentialHandler, setRealmPath, setStripRealmForGss, setTransportGuaranteeRedirectStatus, setUserAttributes, setValidate, setX509UsernameRetrieverClassName, toString
destroyInternal, getDomain, getObjectName, postDeregister, postRegister, preDeregister, preRegister, register, setDomain, unregister, unregister
public List<String> getRoles(String username)
JNDIRealm.authenticate(String username, String credentials)
public List<String> getRoles(org.apache.catalina.realm.JNDIRealm.JNDIConnection connection, String username) throws NamingException
JNDIRealm.authenticate(JNDIConnection connection, String username, String credentials)
NamingException
protected List<String> getRoles(org.apache.catalina.realm.JNDIRealm.JNDIConnection connection, org.apache.catalina.realm.JNDIRealm.User user) throws NamingException
getRoles
in class org.apache.catalina.realm.JNDIRealm
NamingException
protected void startInternal() throws org.apache.catalina.LifecycleException
startInternal
in class org.apache.catalina.realm.JNDIRealm
org.apache.catalina.LifecycleException
protected org.apache.tomcat.util.digester.Digester getDigester()
Digester
to use for processing the XML input file, creating a new one if necessary.protected void initMappingConfig() throws IOException
IOException
protected void reportMappingConfig()
public void addRoleGroupMapping(String role, String group)
addRoleGroupMapping
in interface RoleGroupMapper
public String getPathname()
public void setPathname(String pathname)
Copyright © 2023 Frank!Framework. All rights reserved.