public class LdapPasswordProvider extends ConfigurablePasswordProvider
PasswordProvider
which can create users on
request
to synchronize with an LDAP
directory. Assuming that a user exists in the configured LDAP store but not
in the database, then a new user will be created. Authentication, however,
always takes place against LDAP, and changing passwords is not allowed.
Note: deleted LDAP users will not be removed from OMERO, but will not be able
to login.SecuritySystem
,
Permissions
Modifier and Type | Field and Description |
---|---|
protected LdapImpl |
ldapUtil |
ctx, hash, ignoreUnknown, legacyUtil, log, salt, util
Constructor and Description |
---|
LdapPasswordProvider(PasswordUtil util,
LdapImpl ldap) |
LdapPasswordProvider(PasswordUtil util,
LdapImpl ldap,
boolean ignoreUnknown) |
Modifier and Type | Method and Description |
---|---|
java.lang.Boolean |
checkPassword(java.lang.String user,
java.lang.String password,
boolean readOnly)
If this was constructed with the
ignoreUnknown argument set to
true , returns null , since the base class knows no users. |
boolean |
hasPassword(java.lang.String user)
Only returns if the user is already in the database and has a DN value in
the password table.
|
changePassword, comparePasswords, comparePasswords, comparePasswords, encodePassword, encodePassword, encodeSaltedPassword, loginAttempt, setApplicationContext, setLegacyUtil
protected final LdapImpl ldapUtil
public LdapPasswordProvider(PasswordUtil util, LdapImpl ldap)
public LdapPasswordProvider(PasswordUtil util, LdapImpl ldap, boolean ignoreUnknown)
public boolean hasPassword(java.lang.String user)
checkPassword(String, String, boolean)
with this same user value, this
method might begin to return true
due to a call to
LdapImpl.createUser(String, String)
.hasPassword
in interface PasswordProvider
hasPassword
in class ConfigurablePasswordProvider
public java.lang.Boolean checkPassword(java.lang.String user, java.lang.String password, boolean readOnly)
ConfigurablePasswordProvider
ignoreUnknown
argument set to
true
, returns null
, since the base class knows no users.
Otherwise, returns Boolean.FALSE
specifying that
authentication should fail.checkPassword
in interface PasswordProvider
checkPassword
in class ConfigurablePasswordProvider