本文整理汇总了Java中org.ldaptive.auth.Authenticator类的典型用法代码示例。如果您正苦于以下问题:Java Authenticator类的具体用法?Java Authenticator怎么用?Java Authenticator使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
Authenticator类属于org.ldaptive.auth包,在下文中一共展示了Authenticator类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: newLdaptiveAuthenticator
import org.ldaptive.auth.Authenticator; //导入依赖的package包/类
/**
* New ldap authenticator.
*
* @param l the ldap settings.
* @return the authenticator
*/
public static Authenticator newLdaptiveAuthenticator(final AbstractLdapAuthenticationProperties l) {
switch (l.getType()) {
case AD:
LOGGER.debug("Creating active directory authenticator for [{}]", l.getLdapUrl());
return getActiveDirectoryAuthenticator(l);
case DIRECT:
LOGGER.debug("Creating direct-bind authenticator for [{}]", l.getLdapUrl());
return getDirectBindAuthenticator(l);
case AUTHENTICATED:
LOGGER.debug("Creating authenticated authenticator for [{}]", l.getLdapUrl());
return getAuthenticatedOrAnonSearchAuthenticator(l);
default:
LOGGER.debug("Creating anonymous authenticator for [{}]", l.getLdapUrl());
return getAuthenticatedOrAnonSearchAuthenticator(l);
}
}
示例2: configure
import org.ldaptive.auth.Authenticator; //导入依赖的package包/类
@Override
protected void configure() {
Multibinder<AuthenticationHandler> handlerBinder =
Multibinder.newSetBinder(
binder(), com.codenvy.api.dao.authentication.AuthenticationHandler.class);
handlerBinder.addBinding().to(LdapAuthenticationHandler.class);
bind(Authenticator.class).toProvider(AuthenticatorProvider.class);
bind(ConnectionFactory.class).toProvider(LdapConnectionFactoryProvider.class);
bind(PooledConnectionFactory.class).toProvider(LdapConnectionFactoryProvider.class);
bind(EntryResolver.class).toProvider(EntryResolverProvider.class);
bind(DBUserLinker.class).toProvider(DBUserLinkerProvider.class);
bind(LdapEntrySelector.class).toProvider(LdapEntrySelectorProvider.class);
bind(LdapSynchronizer.class).asEagerSingleton();
bind(LdapSynchronizerService.class);
bind(LdapSynchronizerPermissionsFilter.class);
bind(DisablePasswordOperationsFilter.class);
}
示例3: getDirectBindAuthenticator
import org.ldaptive.auth.Authenticator; //导入依赖的package包/类
private static Authenticator getDirectBindAuthenticator(final AbstractLdapAuthenticationProperties l) {
if (StringUtils.isBlank(l.getDnFormat())) {
throw new IllegalArgumentException("Dn format cannot be empty/blank for direct bind authentication");
}
final FormatDnResolver resolver = new FormatDnResolver(l.getDnFormat());
final Authenticator authenticator = new Authenticator(resolver, getPooledBindAuthenticationHandler(l, Beans.newLdaptivePooledConnectionFactory(l)));
if (l.isEnhanceWithEntryResolver()) {
authenticator.setEntryResolver(Beans.newLdaptiveSearchEntryResolver(l, Beans.newLdaptivePooledConnectionFactory(l)));
}
return authenticator;
}
示例4: getActiveDirectoryAuthenticator
import org.ldaptive.auth.Authenticator; //导入依赖的package包/类
private static Authenticator getActiveDirectoryAuthenticator(final AbstractLdapAuthenticationProperties l) {
if (StringUtils.isBlank(l.getDnFormat())) {
throw new IllegalArgumentException("Dn format cannot be empty/blank for active directory authentication");
}
final FormatDnResolver resolver = new FormatDnResolver(l.getDnFormat());
final Authenticator authn = new Authenticator(resolver, getPooledBindAuthenticationHandler(l, Beans.newLdaptivePooledConnectionFactory(l)));
if (l.isEnhanceWithEntryResolver()) {
authn.setEntryResolver(Beans.newLdaptiveSearchEntryResolver(l, Beans.newLdaptivePooledConnectionFactory(l)));
}
return authn;
}
示例5: getAuthenticator
import org.ldaptive.auth.Authenticator; //导入依赖的package包/类
private Authenticator getAuthenticator(
PooledConnectionFactory connFactory, EntryResolver entryResolver) {
switch (type) {
case AD:
return getActiveDirectoryAuthenticator(connFactory, entryResolver);
case DIRECT:
return getDirectBindAuthenticator(connFactory);
case SASL:
return getSaslAuthenticator(connFactory);
case ANONYMOUS:
case AUTHENTICATED:
default:
return getAuthenticatedOrAnonSearchAuthenticator(connFactory, entryResolver);
}
}
示例6: getSaslAuthenticator
import org.ldaptive.auth.Authenticator; //导入依赖的package包/类
private Authenticator getSaslAuthenticator(PooledConnectionFactory connFactory) {
checkRequiredProperty(
Pair.of(USER_FILTER_PROPERTY_NAME, userFilter),
Pair.of(BASE_DN_PROPERTY_NAME, baseDn),
Pair.of(USER_FILTER_PROPERTY_NAME, userFilter));
final PooledSearchDnResolver resolver = new PooledSearchDnResolver();
resolver.setBaseDn(baseDn);
resolver.setSubtreeSearch(subtreeSearch);
resolver.setAllowMultipleDns(allowMultipleDns);
resolver.setConnectionFactory(connFactory);
resolver.setUserFilter(userFilter);
return new Authenticator(resolver, getPooledBindAuthenticationHandler(connFactory));
}
示例7: getActiveDirectoryAuthenticator
import org.ldaptive.auth.Authenticator; //导入依赖的package包/类
private Authenticator getActiveDirectoryAuthenticator(
PooledConnectionFactory connFactory, EntryResolver entryResolver) {
checkRequiredProperty(DN_FORMAT_PROPERTY_NAME, dnFormat);
final FormatDnResolver resolver = new FormatDnResolver(dnFormat);
final Authenticator authn =
new Authenticator(resolver, getPooledBindAuthenticationHandler(connFactory));
authn.setEntryResolver(entryResolver);
return authn;
}
示例8: LdapAuthenticationHandler
import org.ldaptive.auth.Authenticator; //导入依赖的package包/类
@Inject
public LdapAuthenticationHandler(
Authenticator ldapAuthenticator, LdapUserIdNormalizer idNormalizer) {
this.ldapAuthenticator = ldapAuthenticator;
this.idNormalizer = idNormalizer;
this.returnAttributes = new String[] {idNormalizer.getIdAttributeName()};
}
示例9: directAuth
import org.ldaptive.auth.Authenticator; //导入依赖的package包/类
@Test
public void directAuth() throws Exception {
PooledConnectionFactory connFactory = server.getConnectionFactory();
EntryResolver entryResolver =
new EntryResolverProvider(
connFactory,
"ou=developers,dc=codenvy,dc=com", // <- base dn
null, // <- user filter
null)
.get(); // <- subtree search
Authenticator authenticator =
new AuthenticatorProvider(
connFactory,
entryResolver,
"ou=developers,dc=codenvy,dc=com", // <- base dn
"DIRECT", // <- auth type
"cn=%s,ou=developers,dc=codenvy,dc=com", // <- dn format
null, // <- user password attribute
null, // <- user filter
null, // <- allow multiple dns
null)
.get(); // <- subtree search
LdapAuthenticationHandler handler = new LdapAuthenticationHandler(authenticator, cnNormalizer);
mustAuthenticate(handler, "mike", "mike");
mustAuthenticate(handler, "john", "john");
mustNotAuthenticate(handler, "brad", "brad");
mustNotAuthenticate(handler, "ivan", "ivan");
}
示例10: authenticatedAuthUsingRootBaseDN
import org.ldaptive.auth.Authenticator; //导入依赖的package包/类
@Test
public void authenticatedAuthUsingRootBaseDN() {
PooledConnectionFactory connFactory = server.getConnectionFactory();
EntryResolver entryResolver =
new EntryResolverProvider(
connFactory,
"dc=codenvy,dc=com", // <- base dn
"cn={user}", // <- user filter
"true")
.get(); // <- subtree search
Authenticator authenticator =
new AuthenticatorProvider(
connFactory,
entryResolver,
"dc=codenvy,dc=com", // <- base dn
"AUTHENTICATED", // <- auth type
null, // <- dn format
null, // <- user password attribute
"cn={user}", // <- user filter
null, // <- allow multiple dns
"true")
.get(); // <- subtree search
LdapAuthenticationHandler handler = new LdapAuthenticationHandler(authenticator, cnNormalizer);
mustAuthenticate(handler, "mike", "mike");
mustAuthenticate(handler, "john", "john");
mustAuthenticate(handler, "ivan", "ivan");
mustAuthenticate(handler, "brad", "brad");
}
示例11: authenticatedAuthUsingCertainBaseDn
import org.ldaptive.auth.Authenticator; //导入依赖的package包/类
@Test
public void authenticatedAuthUsingCertainBaseDn() {
PooledConnectionFactory connFactory = server.getConnectionFactory();
EntryResolver entryResolver =
new EntryResolverProvider(
connFactory,
"ou=managers,dc=codenvy,dc=com", // <- base dn
"(&(objectClass=inetOrgPerson)(cn={user}))", // <- user filter
"true")
.get(); // <- subtree search
Authenticator authenticator =
new AuthenticatorProvider(
connFactory,
entryResolver,
"ou=managers,dc=codenvy,dc=com", // <- base dn
"AUTHENTICATED", // <- auth type
null, // <- dn format
null, // <- user password attribute
"(&(objectClass=inetOrgPerson)(cn={user}))", // <- user filter
null, // <- allow multiple dns
"true")
.get(); // <- subtree search
LdapAuthenticationHandler handler = new LdapAuthenticationHandler(authenticator, cnNormalizer);
mustAuthenticate(handler, "ivan", "ivan");
mustAuthenticate(handler, "brad", "brad");
mustNotAuthenticate(handler, "mike", "mike");
mustNotAuthenticate(handler, "john", "john");
}
示例12: authenticate
import org.ldaptive.auth.Authenticator; //导入依赖的package包/类
@Override
public Authentication authenticate(final Authentication authentication) throws AuthenticationException {
try {
final String username = authentication.getPrincipal().toString();
final Object credentials = authentication.getCredentials();
final String password = credentials == null ? null : credentials.toString();
LOGGER.debug("Preparing LDAP authentication request for user [{}]", username);
final AuthenticationRequest request = new AuthenticationRequest(username, new org.ldaptive.Credential(password), ReturnAttributes.ALL.value());
final Authenticator authenticator = Beans.newLdaptiveAuthenticator(adminPagesSecurityProperties.getLdap());
LOGGER.debug("Executing LDAP authentication request for user [{}]", username);
final AuthenticationResponse response = authenticator.authenticate(request);
LOGGER.debug("LDAP response: [{}]", response);
if (response.getResult()) {
final LdapEntry entry = response.getLdapEntry();
final CommonProfile profile = new CommonProfile();
profile.setId(username);
entry.getAttributes().forEach(a -> profile.addAttribute(a.getName(), a.getStringValues()));
LOGGER.debug("Collected user profile [{}]", profile);
this.authorizationGenerator.generate(WebUtils.getPac4jJ2EContext(), profile);
LOGGER.debug("Assembled user profile with roles after generating authorization claims [{}]", profile);
final Collection<GrantedAuthority> authorities = new ArrayList<>();
authorities.addAll(profile.getRoles().stream().map(SimpleGrantedAuthority::new).collect(Collectors.toList()));
LOGGER.debug("List of authorities remapped from profile roles are [{}]", authorities);
final RequireAnyRoleAuthorizer authorizer = new RequireAnyRoleAuthorizer(adminPagesSecurityProperties.getAdminRoles());
LOGGER.debug("Executing authorization for expected admin roles [{}]", authorizer.getElements());
final J2EContext context = WebUtils.getPac4jJ2EContext();
if (authorizer.isAllAuthorized(context, Arrays.asList(profile))) {
return new UsernamePasswordAuthenticationToken(username, password, authorities);
}
LOGGER.warn("User [{}] is not authorized to access the requested resource allowed to roles [{}]",
username, authorizer.getElements());
} else {
LOGGER.warn("LDAP authentication response produced no results for [{}]", username);
}
} catch (final Exception e) {
LOGGER.error(e.getMessage(), e);
throw new InsufficientAuthenticationException("Unexpected LDAP error", e);
}
throw new BadCredentialsException("Could not authenticate provided credentials");
}
示例13: ldapAuthenticationHandlers
import org.ldaptive.auth.Authenticator; //导入依赖的package包/类
@Bean
public Collection<AuthenticationHandler> ldapAuthenticationHandlers() {
final Collection<AuthenticationHandler> handlers = new HashSet<>();
casProperties.getAuthn().getLdap()
.stream()
.filter(ldapInstanceConfigurationPredicate())
.forEach(l -> {
final Map<String, String> attributes = Beans.transformPrincipalAttributesListIntoMap(l.getPrincipalAttributeList());
LOGGER.debug("Created and mapped principal attributes [{}] for [{}]...", attributes, l.getLdapUrl());
LOGGER.debug("Creating ldap authenticator for [{}] and baseDn [{}]", l.getLdapUrl(), l.getBaseDn());
final Authenticator authenticator = Beans.newLdaptiveAuthenticator(l);
LOGGER.debug("Ldap authenticator configured with return attributes [{}] for [{}] and baseDn [{}]",
attributes.keySet(), l.getLdapUrl(), l.getBaseDn());
LOGGER.debug("Creating ldap authentication handler for [{}]", l.getLdapUrl());
final LdapAuthenticationHandler handler = new LdapAuthenticationHandler(l.getName(),
servicesManager, ldapPrincipalFactory(),
l.getOrder(), authenticator);
final List<String> additionalAttributes = l.getAdditionalAttributes();
if (StringUtils.isNotBlank(l.getPrincipalAttributeId())) {
additionalAttributes.add(l.getPrincipalAttributeId());
}
handler.setAllowMultiplePrincipalAttributeValues(l.isAllowMultiplePrincipalAttributeValues());
handler.setAllowMissingPrincipalAttributeValue(l.isAllowMissingPrincipalAttributeValue());
handler.setPasswordEncoder(Beans.newPasswordEncoder(l.getPasswordEncoder()));
handler.setPrincipalNameTransformer(Beans.newPrincipalNameTransformer(l.getPrincipalTransformation()));
if (StringUtils.isNotBlank(l.getCredentialCriteria())) {
LOGGER.debug("Ldap authentication for [{}] is filtering credentials by [{}]",
l.getLdapUrl(), l.getCredentialCriteria());
handler.setCredentialSelectionPredicate(Beans.newCredentialSelectionPredicate(l.getCredentialCriteria()));
}
if (StringUtils.isBlank(l.getPrincipalAttributeId())) {
LOGGER.debug("No principal id attribute is found for ldap authentication via [{}]", l.getLdapUrl());
} else {
handler.setPrincipalIdAttribute(l.getPrincipalAttributeId());
LOGGER.debug("Using principal id attribute [{}] for ldap authentication via [{}]", l.getPrincipalAttributeId(),
l.getLdapUrl());
}
if (l.getPasswordPolicy().isEnabled()) {
LOGGER.debug("Password policy is enabled for [{}]. Constructing password policy configuration", l.getLdapUrl());
handler.setPasswordPolicyConfiguration(createLdapPasswordPolicyConfiguration(l, authenticator, attributes));
}
handler.setPrincipalAttributeMap(attributes);
LOGGER.debug("Initializing ldap authentication handler for [{}]", l.getLdapUrl());
handler.initialize();
handlers.add(handler);
});
return handlers;
}
示例14: LdapAuthenticator
import org.ldaptive.auth.Authenticator; //导入依赖的package包/类
public LdapAuthenticator(final Authenticator ldapAuthenticator) {
this.ldapAuthenticator = ldapAuthenticator;
}
示例15: getLdapAuthenticator
import org.ldaptive.auth.Authenticator; //导入依赖的package包/类
public Authenticator getLdapAuthenticator() {
return ldapAuthenticator;
}