本文整理汇总了Java中org.apache.shiro.realm.ldap.LdapContextFactory类的典型用法代码示例。如果您正苦于以下问题:Java LdapContextFactory类的具体用法?Java LdapContextFactory怎么用?Java LdapContextFactory使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
LdapContextFactory类属于org.apache.shiro.realm.ldap包,在下文中一共展示了LdapContextFactory类的16个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Java代码示例。
示例1: queryForAuthenticationInfo
import org.apache.shiro.realm.ldap.LdapContextFactory; //导入依赖的package包/类
/**
* Builds an {@link AuthenticationInfo} object by querying the active directory LDAP context for the
* specified username.
*/
@Override
protected AuthenticationInfo queryForAuthenticationInfo(
AuthenticationToken token, LdapContextFactory ldapContextFactory) throws NamingException {
final UsernamePasswordToken upToken = ensureUsernamePasswordToken(token);
final String userDn = findUserDn(ldapContextFactory, upToken.getUsername());
LdapContext ctx = null;
try {
// Binds using the username and password provided by the user.
ctx = ldapContextFactory.getLdapContext(userDn, upToken.getPassword());
} finally {
LdapUtils.closeContext(ctx);
}
return buildAuthenticationInfo(upToken.getUsername(), upToken.getPassword());
}
开发者ID:line,项目名称:centraldogma,代码行数:21,代码来源:SearchFirstActiveDirectoryRealm.java
示例2: queryForAuthorizationInfo
import org.apache.shiro.realm.ldap.LdapContextFactory; //导入依赖的package包/类
/**
* Builds an {@link org.apache.shiro.authz.AuthorizationInfo} object by querying the active directory LDAP context for the
* groups that a user is a member of. The groups are then translated to role names by using the
* configured {@link #groupRolesMap}.
* <p/>
* This implementation expects the <tt>principal</tt> argument to be a String username.
* <p/>
* Subclasses can override this method to determine authorization data (roles, permissions, etc) in a more
* complex way. Note that this default implementation does not support permissions, only roles.
*
* @param principals the principal of the Subject whose account is being retrieved.
* @param ldapContextFactory the factory used to create LDAP connections.
* @return the AuthorizationInfo for the given Subject principal.
* @throws NamingException if an error occurs when searching the LDAP server.
*/
protected AuthorizationInfo queryForAuthorizationInfo(PrincipalCollection principals, LdapContextFactory ldapContextFactory) throws NamingException {
String username = (String) getAvailablePrincipal(principals);
// Perform context search
LdapContext ldapContext = ldapContextFactory.getSystemLdapContext();
Set<String> roleNames;
try {
roleNames = getRoleNamesForUser(username, ldapContext);
} finally {
LdapUtils.closeContext(ldapContext);
}
return buildAuthorizationInfo(roleNames);
}
开发者ID:xuegongzi,项目名称:rabbitframework,代码行数:33,代码来源:ActiveDirectoryRealm.java
示例3: getLdapContextFactory
import org.apache.shiro.realm.ldap.LdapContextFactory; //导入依赖的package包/类
public LdapContextFactory getLdapContextFactory() {
if (this.ldapContextFactory == null) {
if (log.isDebugEnabled()) {
log.debug("No LdapContextFactory specified - creating a default instance.");
}
DefaultLdapContextFactory defaultFactory = new DefaultLdapContextFactory();
defaultFactory.setPrincipalSuffix(this.principalSuffix);
defaultFactory.setSearchBase(this.searchBase);
defaultFactory.setUrl(this.url);
defaultFactory.setSystemUsername(this.systemUsername);
defaultFactory.setSystemPassword(getSystemPassword());
this.ldapContextFactory = defaultFactory;
}
return this.ldapContextFactory;
}
开发者ID:apache,项目名称:zeppelin,代码行数:18,代码来源:ActiveDirectoryGroupRealm.java
示例4: queryForAuthenticationInfo
import org.apache.shiro.realm.ldap.LdapContextFactory; //导入依赖的package包/类
/**
* Builds an {@link AuthenticationInfo} object by querying the active directory LDAP context for
* the specified username. This method binds to the LDAP server using the provided username
* and password - which if successful, indicates that the password is correct.
* <p/>
* This method can be overridden by subclasses to query the LDAP server in a more complex way.
*
* @param token the authentication token provided by the user.
* @param ldapContextFactory the factory used to build connections to the LDAP server.
* @return an {@link AuthenticationInfo} instance containing information retrieved from LDAP.
* @throws NamingException if any LDAP errors occur during the search.
*/
protected AuthenticationInfo queryForAuthenticationInfo(
AuthenticationToken token, LdapContextFactory ldapContextFactory) throws NamingException {
UsernamePasswordToken upToken = (UsernamePasswordToken) token;
// Binds using the username and password provided by the user.
LdapContext ctx = null;
try {
String userPrincipalName = upToken.getUsername();
if (!isValidPrincipalName(userPrincipalName)) {
return null;
}
if (this.principalSuffix != null && userPrincipalName.indexOf('@') < 0) {
userPrincipalName = upToken.getUsername() + this.principalSuffix;
}
ctx = ldapContextFactory.getLdapContext(
userPrincipalName, upToken.getPassword());
} finally {
LdapUtils.closeContext(ctx);
}
return buildAuthenticationInfo(upToken.getUsername(), upToken.getPassword());
}
开发者ID:apache,项目名称:zeppelin,代码行数:36,代码来源:ActiveDirectoryGroupRealm.java
示例5: queryForAuthorizationInfo
import org.apache.shiro.realm.ldap.LdapContextFactory; //导入依赖的package包/类
/**
* Builds an {@link org.apache.shiro.authz.AuthorizationInfo} object by querying the active
* directory LDAP context for the groups that a user is a member of. The groups are then
* translated to role names by using the configured {@link #groupRolesMap}.
* <p/>
* This implementation expects the <tt>principal</tt> argument to be a String username.
* <p/>
* Subclasses can override this method to determine authorization data (roles, permissions, etc)
* in a more complex way. Note that this default implementation does not support permissions,
* only roles.
*
* @param principals the principal of the Subject whose account is being retrieved.
* @param ldapContextFactory the factory used to create LDAP connections.
* @return the AuthorizationInfo for the given Subject principal.
* @throws NamingException if an error occurs when searching the LDAP server.
*/
protected AuthorizationInfo queryForAuthorizationInfo(
PrincipalCollection principals,
LdapContextFactory ldapContextFactory) throws NamingException {
String username = (String) getAvailablePrincipal(principals);
// Perform context search
LdapContext ldapContext = ldapContextFactory.getSystemLdapContext();
Set<String> roleNames;
try {
roleNames = getRoleNamesForUser(username, ldapContext);
} finally {
LdapUtils.closeContext(ldapContext);
}
return buildAuthorizationInfo(roleNames);
}
开发者ID:apache,项目名称:zeppelin,代码行数:36,代码来源:ActiveDirectoryGroupRealm.java
示例6: queryForAuthorizationInfo
import org.apache.shiro.realm.ldap.LdapContextFactory; //导入依赖的package包/类
/**
* Get groups from LDAP.
*
* @param principals
* the principals of the Subject whose AuthenticationInfo should
* be queried from the LDAP server.
* @param ldapContextFactory
* factory used to retrieve LDAP connections.
* @return an {@link AuthorizationInfo} instance containing information
* retrieved from the LDAP server.
* @throws NamingException
* if any LDAP errors occur during the search.
*/
@Override
public AuthorizationInfo queryForAuthorizationInfo(final PrincipalCollection principals,
final LdapContextFactory ldapContextFactory) throws NamingException {
if (!isAuthorizationEnabled()) {
return null;
}
final Set<String> roleNames = getRoles(principals, ldapContextFactory);
if (log.isDebugEnabled()) {
log.debug("RolesNames Authorization: " + roleNames);
}
SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo(roleNames);
Set<String> stringPermissions = permsFor(roleNames);
simpleAuthorizationInfo.setStringPermissions(stringPermissions);
return simpleAuthorizationInfo;
}
开发者ID:apache,项目名称:zeppelin,代码行数:29,代码来源:LdapRealm.java
示例7: hasAllowedAuthenticationRules
import org.apache.shiro.realm.ldap.LdapContextFactory; //导入依赖的package包/类
private boolean hasAllowedAuthenticationRules(PrincipalCollection principals,
final LdapContextFactory ldapContextFactory)
throws NamingException {
boolean allowed = allowedRolesForAuthentication.isEmpty();
if (!allowed) {
Set<String> roles = getRoles(principals, ldapContextFactory);
for (String allowedRole: allowedRolesForAuthentication) {
if (roles.contains(allowedRole)) {
log.debug("Allowed role for user [" + allowedRole + "] found.");
allowed = true;
break;
}
}
}
return allowed;
}
开发者ID:apache,项目名称:zeppelin,代码行数:17,代码来源:LdapRealm.java
示例8: getRoles
import org.apache.shiro.realm.ldap.LdapContextFactory; //导入依赖的package包/类
private Set<String> getRoles(PrincipalCollection principals,
final LdapContextFactory ldapContextFactory)
throws NamingException {
final String username = (String) getAvailablePrincipal(principals);
LdapContext systemLdapCtx = null;
try {
systemLdapCtx = ldapContextFactory.getSystemLdapContext();
return rolesFor(principals, username, systemLdapCtx,
ldapContextFactory, SecurityUtils.getSubject().getSession());
} catch (AuthenticationException ae) {
ae.printStackTrace();
return Collections.emptySet();
} finally {
LdapUtils.closeContext(systemLdapCtx);
}
}
开发者ID:apache,项目名称:zeppelin,代码行数:18,代码来源:LdapRealm.java
示例9: findUserDn
import org.apache.shiro.realm.ldap.LdapContextFactory; //导入依赖的package包/类
/**
* Finds a distinguished name(DN) of a user by querying the active directory LDAP context for the
* specified username.
*/
protected String findUserDn(LdapContextFactory ldapContextFactory, String username) throws NamingException {
LdapContext ctx = null;
try {
// Binds using the system username and password.
ctx = ldapContextFactory.getSystemLdapContext();
final SearchControls ctrl = new SearchControls();
ctrl.setCountLimit(1);
ctrl.setSearchScope(SearchControls.SUBTREE_SCOPE);
ctrl.setTimeLimit(searchTimeoutMillis);
final String filter =
searchFilter != null ? USERNAME_PLACEHOLDER.matcher(searchFilter)
.replaceAll(username)
: username;
final NamingEnumeration<SearchResult> result = ctx.search(searchBase, filter, ctrl);
try {
if (!result.hasMore()) {
throw new AuthenticationException("No username: " + username);
}
return result.next().getNameInNamespace();
} finally {
result.close();
}
} finally {
LdapUtils.closeContext(ctx);
}
}
开发者ID:line,项目名称:centraldogma,代码行数:33,代码来源:SearchFirstActiveDirectoryRealm.java
示例10: queryForAuthorizationInfo
import org.apache.shiro.realm.ldap.LdapContextFactory; //导入依赖的package包/类
@Override
protected AuthorizationInfo queryForAuthorizationInfo(PrincipalCollection principalCollection,
LdapContextFactory contextFactory) throws NamingException {
logger.debug("queryForAuthorizationInfo, principalCollection.getPrimaryPrincipal: {}",
principalCollection.getPrimaryPrincipal());
logger.debug("contextFactory : {}", contextFactory);
return null;
}
开发者ID:Pardus-LiderAhenk,项目名称:lider,代码行数:9,代码来源:LiderLdapRealm.java
示例11: queryForAuthenticationInfo
import org.apache.shiro.realm.ldap.LdapContextFactory; //导入依赖的package包/类
/**
* Builds an {@link AuthenticationInfo} object by querying the active directory LDAP context for the
* specified username. This method binds to the LDAP server using the provided username and password -
* which if successful, indicates that the password is correct.
* <p/>
* This method can be overridden by subclasses to query the LDAP server in a more complex way.
*
* @param token the authentication token provided by the user.
* @param ldapContextFactory the factory used to build connections to the LDAP server.
* @return an {@link AuthenticationInfo} instance containing information retrieved from LDAP.
* @throws NamingException if any LDAP errors occur during the search.
*/
protected AuthenticationInfo queryForAuthenticationInfo(AuthenticationToken token, LdapContextFactory ldapContextFactory) throws NamingException {
UsernamePasswordToken upToken = (UsernamePasswordToken) token;
// Binds using the username and password provided by the user.
LdapContext ctx = null;
try {
ctx = ldapContextFactory.getLdapContext(upToken.getUsername(), String.valueOf(upToken.getPassword()));
} finally {
LdapUtils.closeContext(ctx);
}
return buildAuthenticationInfo(upToken.getUsername(), upToken.getPassword());
}
开发者ID:xuegongzi,项目名称:rabbitframework,代码行数:27,代码来源:ActiveDirectoryRealm.java
示例12: queryForAuthorizationInfo
import org.apache.shiro.realm.ldap.LdapContextFactory; //导入依赖的package包/类
public AuthorizationInfo queryForAuthorizationInfo(
PrincipalCollection principals,
LdapContextFactory ldapContextFactory) throws NamingException {
String username = (String) getAvailablePrincipal(principals);
LdapContext ldapContext = ldapContextFactory.getSystemLdapContext();
Set<String> roleNames = getRoleNamesForUser(username, ldapContext, getUserDnTemplate());
return new SimpleAuthorizationInfo(roleNames);
}
开发者ID:apache,项目名称:zeppelin,代码行数:9,代码来源:LdapGroupRealm.java
示例13: queryForAuthenticationInfo
import org.apache.shiro.realm.ldap.LdapContextFactory; //导入依赖的package包/类
/**
* This overrides the implementation of queryForAuthenticationInfo inside JndiLdapRealm.
* In addition to calling the super method for authentication it also tries to validate
* if this user has atleast one of the allowed roles for authentication. In case the property
* allowedRolesForAuthentication is empty this check always returns true.
*
* @param token the submitted authentication token that triggered the authentication attempt.
* @param ldapContextFactory factory used to retrieve LDAP connections.
* @return AuthenticationInfo instance representing the authenticated user's information.
* @throws NamingException if any LDAP errors occur.
*/
@Override
protected AuthenticationInfo queryForAuthenticationInfo(AuthenticationToken token,
LdapContextFactory ldapContextFactory)
throws NamingException {
AuthenticationInfo info = super.queryForAuthenticationInfo(token, ldapContextFactory);
// Credentials were verified. Verify that the principal has all allowedRulesForAuthentication
if (!hasAllowedAuthenticationRules(info.getPrincipals(), ldapContextFactory)) {
throw new NamingException("Principal does not have any of the allowedRolesForAuthentication");
}
return info;
}
开发者ID:apache,项目名称:zeppelin,代码行数:23,代码来源:LdapRealm.java
示例14: queryForAuthenticationInfo
import org.apache.shiro.realm.ldap.LdapContextFactory; //导入依赖的package包/类
@Override
protected AuthenticationInfo queryForAuthenticationInfo(
AuthenticationToken token, LdapContextFactory ldapContextFactory)
throws NamingException {
UsernamePasswordToken upToken = (UsernamePasswordToken)token;
String userName = upToken.getUsername();
upToken.setUsername( userName + "@" + customDomain );
return super.queryForAuthenticationInfo(token, ldapContextFactory);
}
开发者ID:OpenSOC,项目名称:opensoc-streaming,代码行数:12,代码来源:CustomDomainADRealm.java
示例15: isUserMemberOfDynamicGroup
import org.apache.shiro.realm.ldap.LdapContextFactory; //导入依赖的package包/类
boolean isUserMemberOfDynamicGroup(LdapName userLdapDn, String memberUrl,
final LdapContextFactory ldapContextFactory) throws NamingException {
// ldap://host:port/dn?attributes?scope?filter?extensions
if (memberUrl == null) {
return false;
}
String[] tokens = memberUrl.split("\\?");
if (tokens.length < 4) {
return false;
}
String searchBaseString = tokens[0].substring(tokens[0].lastIndexOf("/") + 1);
String searchScope = tokens[2];
String searchFilter = tokens[3];
LdapName searchBaseDn = new LdapName(searchBaseString);
// do scope test
if (searchScope.equalsIgnoreCase("base")) {
log.debug("DynamicGroup SearchScope base");
return false;
}
if (!userLdapDn.toString().endsWith(searchBaseDn.toString())) {
return false;
}
if (searchScope.equalsIgnoreCase("one") && (userLdapDn.size() != searchBaseDn.size() - 1)) {
log.debug("DynamicGroup SearchScope one");
return false;
}
// search for the filter, substituting base with userDn
// search for base_dn=userDn, scope=base, filter=filter
LdapContext systemLdapCtx = null;
systemLdapCtx = ldapContextFactory.getSystemLdapContext();
boolean member = false;
NamingEnumeration<SearchResult> searchResultEnum = null;
try {
searchResultEnum = systemLdapCtx.search(userLdapDn, searchFilter,
searchScope.equalsIgnoreCase("sub") ? SUBTREE_SCOPE : ONELEVEL_SCOPE);
if (searchResultEnum.hasMore()) {
return true;
}
} finally {
try {
if (searchResultEnum != null) {
searchResultEnum.close();
}
} finally {
LdapUtils.closeContext(systemLdapCtx);
}
}
return member;
}
开发者ID:apache,项目名称:zeppelin,代码行数:55,代码来源:LdapRealm.java
示例16: testRolesFor
import org.apache.shiro.realm.ldap.LdapContextFactory; //导入依赖的package包/类
@Test
public void testRolesFor() throws NamingException {
LdapRealm realm = new LdapRealm();
realm.setGroupSearchBase("cn=groups,dc=apache");
realm.setGroupObjectClass("posixGroup");
realm.setMemberAttributeValueTemplate("cn={0},ou=people,dc=apache");
HashMap<String, String> rolesByGroups = new HashMap<>();
rolesByGroups.put("group-three", "zeppelin-role");
realm.setRolesByGroup(rolesByGroups);
LdapContextFactory ldapContextFactory = mock(LdapContextFactory.class);
LdapContext ldapCtx = mock(LdapContext.class);
Session session = mock(Session.class);
// expected search results
BasicAttributes group1 = new BasicAttributes();
group1.put(realm.getGroupIdAttribute(), "group-one");
group1.put(realm.getMemberAttribute(), "principal");
// user doesn't belong to this group
BasicAttributes group2 = new BasicAttributes();
group2.put(realm.getGroupIdAttribute(), "group-two");
group2.put(realm.getMemberAttribute(), "someoneelse");
// mapped to a different Zeppelin role
BasicAttributes group3 = new BasicAttributes();
group3.put(realm.getGroupIdAttribute(), "group-three");
group3.put(realm.getMemberAttribute(), "principal");
NamingEnumeration<SearchResult> results = enumerationOf(group1, group2, group3);
when(ldapCtx.search(any(String.class), any(String.class), any(SearchControls.class))).thenReturn(results);
Set<String> roles = realm.rolesFor(
new SimplePrincipalCollection("principal", "ldapRealm"),
"principal",
ldapCtx,
ldapContextFactory,
session
);
verify(ldapCtx).search(
"cn=groups,dc=apache",
"(objectclass=posixGroup)",
realm.getGroupSearchControls()
);
assertEquals(
new HashSet(Arrays.asList("group-one", "zeppelin-role")),
roles
);
}
开发者ID:apache,项目名称:zeppelin,代码行数:54,代码来源:LdapRealmTest.java
注:本文中的org.apache.shiro.realm.ldap.LdapContextFactory类示例整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
客服电话
APP下载
官方微信
请发表评论