java.lang.Object
- ome.security.auth.ConfigurablePasswordProvider
- - ome.security.auth.LdapPasswordProvider

All Implemented Interfaces:

PasswordProvider, PasswordUtility, org.springframework.beans.factory.Aware, org.springframework.context.ApplicationContextAware
```
public class LdapPasswordProvider
extends ConfigurablePasswordProvider
```
LDAP PasswordProvider which can create users on request to synchronize with an LDAP directory. Assuming that a user exists in the configured LDAP store but not in the database, then a new user will be created. Authentication, however, always takes place against LDAP, and changing passwords is not allowed. Note: deleted LDAP users will not be removed from OMERO, but will not be able to login.

Since:

4.0

See Also:

SecuritySystem, Permissions

Field Summary

Fields
Modifier and Type Field Description

protected LdapImpl ldapUtil
- Fields inherited from class ome.security.auth.ConfigurablePasswordProvider
  ctx, hash, ignoreUnknown, legacyUtil, log, salt, util

Constructor Summary

Constructors
Constructor	Description
`LdapPasswordProvider(PasswordUtil util, LdapImpl ldap)`
`LdapPasswordProvider(PasswordUtil util, LdapImpl ldap, boolean ignoreUnknown)`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`java.lang.Boolean`	`checkPassword(java.lang.String user, java.lang.String password, boolean readOnly)`	If this was constructed with the `ignoreUnknown` argument set to `true`, returns `null`, since the base class knows no users.
`boolean`	`hasPassword(java.lang.String user)`	Only returns if the user is already in the database and has a DN value in the password table.

Methods inherited from class ome.security.auth.ConfigurablePasswordProvider
changePassword, comparePasswords, comparePasswords, comparePasswords, encodePassword, encodePassword, encodeSaltedPassword, loginAttempt, setApplicationContext, setLegacyUtil

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - ldapUtil
```
protected final LdapImpl ldapUtil
```
- Constructor Detail
  - LdapPasswordProvider
```
public LdapPasswordProvider(PasswordUtil util,
                            LdapImpl ldap)
```
  - LdapPasswordProvider
```
public LdapPasswordProvider(PasswordUtil util,
                            LdapImpl ldap,
                            boolean ignoreUnknown)
```
- Method Detail
  - hasPassword
```
public boolean hasPassword(java.lang.String user)
```
    Only returns if the user is already in the database and has a DN value in the password table. Note: after a call to checkPassword(String, String, boolean) with this same user value, this method might begin to return true due to a call to LdapImpl.createUser(String, String).
    
    Specified by:
    
    hasPassword in interface PasswordProvider
    
    Overrides:
    
    hasPassword in class ConfigurablePasswordProvider
  - checkPassword
```
public java.lang.Boolean checkPassword(java.lang.String user,
                                       java.lang.String password,
                                       boolean readOnly)
```
    Description copied from class: ConfigurablePasswordProvider
    
    If this was constructed with the ignoreUnknown argument set to true, returns null, since the base class knows no users. Otherwise, returns Boolean.FALSE specifying that authentication should fail.
    
    Specified by:
    
    checkPassword in interface PasswordProvider
    
    Overrides:
    
    checkPassword in class ConfigurablePasswordProvider

Class LdapPasswordProvider

Field Summary

Fields inherited from class ome.security.auth.ConfigurablePasswordProvider

Constructor Summary

Method Summary

Methods inherited from class ome.security.auth.ConfigurablePasswordProvider

Methods inherited from class java.lang.Object

Field Detail

ldapUtil

Constructor Detail

LdapPasswordProvider

LdapPasswordProvider

Method Detail

hasPassword

checkPassword