LdapImpl (omero-server 5.6.4 API)

java.lang.Object
- ome.logic.AbstractLevel2Service
- - ome.logic.LdapImpl

All Implemented Interfaces:

ome.api.ILdap, ome.api.ServiceInterface, ome.system.SelfConfigurableService, org.springframework.beans.factory.Aware, org.springframework.context.ApplicationContextAware
```
@Transactional(readOnly=true)
public class LdapImpl
extends AbstractLevel2Service
implements ome.api.ILdap, org.springframework.context.ApplicationContextAware
```
Provides methods for administering user accounts, passwords, as well as methods which require special privileges. Developer note: As can be expected, to perform these privileged the Admin service has access to several resources that should not be generally used while developing services. Misuse could circumvent security or auditing.

Since:

3.0-M3

See Also:

SecuritySystem, Permissions

Nested Class Summary

Nested Classes
Modifier and Type Class and Description

class LdapImpl.GroupLoader
Data class which stores the state of the NewUserGroupBean and NewUserGroupOwnerBean operations.

Nested Classes
Modifier and Type	Class and Description
`class`	`LdapImpl.GroupLoader` Data class which stores the state of the `NewUserGroupBean` and `NewUserGroupOwnerBean` operations.

Field Summary
- Fields inherited from class ome.logic.AbstractLevel2Service
  iQuery, iUpdate, metadata, queryFactory, readOnlyStatus, sec

Constructor Summary

Constructors
Constructor and Description
`LdapImpl(org.springframework.ldap.core.ContextSource ctx, org.springframework.ldap.core.LdapOperations ldap, ome.system.Roles roles, LdapConfig config, RoleProvider roleProvider, ome.util.SqlAction sql)`

Method Summary

All Methods Instance Methods Concrete Methods Deprecated Methods
Modifier and Type	Method and Description
`ome.model.meta.Experimenter`	`createUser(java.lang.String username)` Creates an `Experimenter` based on the supplied LDAP username.
`ome.model.meta.Experimenter`	`createUser(java.lang.String username, java.lang.String password)` Creates an `Experimenter` based on the supplied LDAP username.
`ome.model.meta.Experimenter`	`createUser(java.lang.String username, java.lang.String password, boolean checkPassword)` Creates an `Experimenter` based on the supplied LDAP username.
`boolean`	`createUserFromLdap(java.lang.String username, java.lang.String password)` Deprecated.
`java.util.List<ome.model.meta.Experimenter>`	`discover()`
`java.util.List<ome.model.meta.ExperimenterGroup>`	`discoverGroups()`
`java.lang.String`	`findDN(java.lang.String username)`
`ome.model.meta.Experimenter`	`findExperimenter(java.lang.String username)`
`ome.model.meta.ExperimenterGroup`	`findGroup(java.lang.String groupname)`
`java.lang.String`	`findGroupDN(java.lang.String groupname)`
`java.lang.Class<? extends ome.api.ServiceInterface>`	`getServiceInterface()`
`boolean`	`getSetting()`
`java.util.List<java.lang.Long>`	`loadLdapGroups(java.lang.String username, org.springframework.ldap.core.DistinguishedName dn)` Deprecated.
`java.lang.String`	`lookupLdapAuthExperimenter(java.lang.Long id)` Queries the LDAP server and returns the DN for the specified OMERO user ID.
`java.util.List<java.util.Map<java.lang.String,java.lang.Object>>`	`lookupLdapAuthExperimenters()` Queries the LDAP server and returns the DN for all OMERO users that have the `ldap` flag enabled.
`java.util.List<ome.model.meta.Experimenter>`	`searchAll()`
`java.util.List<ome.model.meta.Experimenter>`	`searchByAttribute(java.lang.String dns, java.lang.String attr, java.lang.String value)`
`java.util.List<ome.model.meta.Experimenter>`	`searchByAttributes(java.lang.String dn, java.lang.String[] attributes, java.lang.String[] values)`
`ome.model.meta.Experimenter`	`searchByDN(java.lang.String dns)`
`java.util.List<java.lang.String>`	`searchDnInGroups(java.lang.String attr, java.lang.String value)`
`void`	`setApplicationContext(org.springframework.context.ApplicationContext arg0)`
`void`	`setDN(java.lang.Long experimenterID, java.lang.String dn)` Deprecated.
`void`	`synchronizeLdapUser(java.lang.String username)`
`boolean`	`validatePassword(java.lang.String dn, java.lang.String password)` Validates password for base.

Methods inherited from class ome.logic.AbstractLevel2Service
getBeanHelper, getExtendedMetadata, getQueryFactory, getSecuritySystem, selfConfigure, setExtendedMetadata, setQueryFactory, setQueryService, setReadOnlyStatus, setSecuritySystem, setUpdateService

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

LdapImpl

public LdapImpl(org.springframework.ldap.core.ContextSource ctx,
                org.springframework.ldap.core.LdapOperations ldap,
                ome.system.Roles roles,
                LdapConfig config,
                RoleProvider roleProvider,
                ome.util.SqlAction sql)

Method Detail

setApplicationContext
```
public void setApplicationContext(org.springframework.context.ApplicationContext arg0)
                           throws org.springframework.beans.BeansException
```
Specified by:

setApplicationContext in interface org.springframework.context.ApplicationContextAware

Throws:

org.springframework.beans.BeansException

getServiceInterface
```
public java.lang.Class<? extends ome.api.ServiceInterface> getServiceInterface()
```
Specified by:

getServiceInterface in interface ome.system.SelfConfigurableService

searchAll

public java.util.List<ome.model.meta.Experimenter> searchAll()

Specified by:: searchAll in interface ome.api.ILdap

searchByAttribute

public java.util.List<ome.model.meta.Experimenter> searchByAttribute(java.lang.String dns,
                                                                     java.lang.String attr,
                                                                     java.lang.String value)

Specified by:: searchByAttribute in interface ome.api.ILdap

searchByDN

public ome.model.meta.Experimenter searchByDN(java.lang.String dns)

Specified by:: searchByDN in interface ome.api.ILdap

findDN

public java.lang.String findDN(java.lang.String username)

Specified by:: findDN in interface ome.api.ILdap

findGroupDN

public java.lang.String findGroupDN(java.lang.String groupname)

Specified by:: findGroupDN in interface ome.api.ILdap

findExperimenter

public ome.model.meta.Experimenter findExperimenter(java.lang.String username)

Specified by:: findExperimenter in interface ome.api.ILdap

findGroup

public ome.model.meta.ExperimenterGroup findGroup(java.lang.String groupname)

Specified by:: findGroup in interface ome.api.ILdap

searchDnInGroups

public java.util.List<java.lang.String> searchDnInGroups(java.lang.String attr,
                                                         java.lang.String value)

Specified by:: searchDnInGroups in interface ome.api.ILdap

searchByAttributes

public java.util.List<ome.model.meta.Experimenter> searchByAttributes(java.lang.String dn,
                                                                      java.lang.String[] attributes,
                                                                      java.lang.String[] values)

Specified by:: searchByAttributes in interface ome.api.ILdap

setDN

@Transactional(readOnly=false)
 @Deprecated
public void setDN(java.lang.Long experimenterID,
                                                              java.lang.String dn)

Deprecated.

Specified by:: setDN in interface ome.api.ILdap

getSetting
```
public boolean getSetting()
```
Specified by:

getSetting in interface ome.api.ILdap

synchronizeLdapUser

public void synchronizeLdapUser(java.lang.String username)

createUserFromLdap
```
@Deprecated
 @Transactional(readOnly=false)
public boolean createUserFromLdap(java.lang.String username,
                                                                              java.lang.String password)
```
Deprecated.

Creates an Experimenter based on the supplied LDAP username. Doesn't validate the user's password and can be only executed by admin users.

Parameters:

username - The user's LDAP username.

password - The user's LDAP password, not null.

Returns:

true if a user is created

createUser
```
@Transactional(readOnly=false)
public ome.model.meta.Experimenter createUser(java.lang.String username)
```
Creates an Experimenter based on the supplied LDAP username. Doesn't validate the user's password and can be only executed by admin users.

Specified by:

createUser in interface ome.api.ILdap

Parameters:

username - The user's LDAP username.

Returns:

The newly created Experimenter object.

createUser
```
public ome.model.meta.Experimenter createUser(java.lang.String username,
                                              java.lang.String password)
```
Creates an Experimenter based on the supplied LDAP username. Enforces user password validation.

Parameters:

username - The user's LDAP username.

password - The user's LDAP password, not null.

Returns:

The newly created Experimenter object.

createUser
```
public ome.model.meta.Experimenter createUser(java.lang.String username,
                                              java.lang.String password,
                                              boolean checkPassword)
```
Creates an Experimenter based on the supplied LDAP username. A boolean flag controls if password checks should be performed.

Parameters:

username - The user's LDAP username.

password - The user's password.

checkPassword - Flag indicating if password check should be performed.

Returns:

The newly created Experimenter object.

loadLdapGroups

@Deprecated
public java.util.List<java.lang.Long> loadLdapGroups(java.lang.String username,
                                                                 org.springframework.ldap.core.DistinguishedName dn)

Deprecated.

validatePassword
```
public boolean validatePassword(java.lang.String dn,
                                java.lang.String password)
```
Validates password for base. Base is user's DN. When context was created successful specified requirements are valid.

Parameters:

dn - the user's distinguished name

password - the user's password

Returns:

boolean if the user's password is correct

lookupLdapAuthExperimenters
```
public java.util.List<java.util.Map<java.lang.String,java.lang.Object>> lookupLdapAuthExperimenters()
```
Queries the LDAP server and returns the DN for all OMERO users that have the ldap flag enabled.

Returns:

a list of DN to user ID maps.

lookupLdapAuthExperimenter
```
public java.lang.String lookupLdapAuthExperimenter(java.lang.Long id)
```
Queries the LDAP server and returns the DN for the specified OMERO user ID. The LDAP server is queried and the DN returned only for IDs that have the ldap flag enabled.

Parameters:

id - The user ID.

Returns:

The DN as a String. Null if user isn't from LDAP.

discover

public java.util.List<ome.model.meta.Experimenter> discover()

Specified by:: discover in interface ome.api.ILdap

discoverGroups

public java.util.List<ome.model.meta.ExperimenterGroup> discoverGroups()

Specified by:: discoverGroups in interface ome.api.ILdap

Class LdapImpl

Nested Class Summary

Field Summary

Fields inherited from class ome.logic.AbstractLevel2Service

Constructor Summary

Method Summary

Methods inherited from class ome.logic.AbstractLevel2Service

Methods inherited from class java.lang.Object

Constructor Detail

LdapImpl

Method Detail

setApplicationContext

getServiceInterface

searchAll

searchByAttribute

searchByDN

findDN

findGroupDN

findExperimenter

findGroup

searchDnInGroups

searchByAttributes

setDN

getSetting

synchronizeLdapUser

createUserFromLdap

createUser

createUser

createUser

loadLdapGroups

validatePassword

lookupLdapAuthExperimenters

lookupLdapAuthExperimenter

discover

discoverGroups