Class LdapAuthenticationProviderConfigurer<B extends ProviderManagerBuilder<B>>
- java.lang.Object
-
- org.springframework.security.config.annotation.SecurityConfigurerAdapter<org.springframework.security.authentication.AuthenticationManager,B>
-
- org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer<B>
-
- Type Parameters:
B- theProviderManagerBuildertype that this is configuring.
- All Implemented Interfaces:
SecurityConfigurer<org.springframework.security.authentication.AuthenticationManager,B>
public class LdapAuthenticationProviderConfigurer<B extends ProviderManagerBuilder<B>> extends SecurityConfigurerAdapter<org.springframework.security.authentication.AuthenticationManager,B>
Configures LDAPAuthenticationProviderin theProviderManagerBuilder.- Since:
- 3.2
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description classLdapAuthenticationProviderConfigurer.ContextSourceBuilderAllows building aBaseLdapPathContextSourceand optionally creating an embedded LDAP instance.classLdapAuthenticationProviderConfigurer.PasswordCompareConfigurerSets up Password based comparison
-
Constructor Summary
Constructors Constructor Description LdapAuthenticationProviderConfigurer()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description LdapAuthenticationProviderConfigurer<B>authoritiesMapper(org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper grantedAuthoritiesMapper)Specifies theGrantedAuthoritiesMapper.voidconfigure(B builder)Configure theSecurityBuilderby setting the necessary properties on theSecurityBuilder.LdapAuthenticationProviderConfigurer.ContextSourceBuildercontextSource()Allows easily configuring of aBaseLdapPathContextSourcewith defaults pointing to an embedded LDAP server that is created.LdapAuthenticationProviderConfigurer<B>contextSource(org.springframework.ldap.core.support.BaseLdapPathContextSource contextSource)Specifies theBaseLdapPathContextSourceto be used.protected org.springframework.security.core.authority.mapping.GrantedAuthoritiesMappergetAuthoritiesMapper()Gets theGrantedAuthoritiesMapperand defaults toSimpleAuthorityMapper.LdapAuthenticationProviderConfigurer<B>groupRoleAttribute(java.lang.String groupRoleAttribute)Specifies the attribute name which contains the role name.LdapAuthenticationProviderConfigurer<B>groupSearchBase(java.lang.String groupSearchBase)The search base for group membership searches.LdapAuthenticationProviderConfigurer<B>groupSearchFilter(java.lang.String groupSearchFilter)The LDAP filter to search for groups.LdapAuthenticationProviderConfigurer<B>groupSearchSubtree(boolean groupSearchSubtree)If set to true, a subtree scope search will be performed for group membership.LdapAuthenticationProviderConfigurer<B>ldapAuthoritiesPopulator(org.springframework.security.ldap.userdetails.LdapAuthoritiesPopulator ldapAuthoritiesPopulator)Specifies theLdapAuthoritiesPopulator.LdapAuthenticationProviderConfigurer.PasswordCompareConfigurerpasswordCompare()LdapAuthenticationProviderConfigurer<B>passwordEncoder(org.springframework.security.crypto.password.PasswordEncoder passwordEncoder)Specifies thePasswordEncoderto be used when authenticating with password comparison.LdapAuthenticationProviderConfigurer<B>rolePrefix(java.lang.String rolePrefix)A non-empty string prefix that will be added as a prefix to the existing roles.LdapAuthenticationProviderConfigurer<B>userDetailsContextMapper(org.springframework.security.ldap.userdetails.UserDetailsContextMapper userDetailsContextMapper)Allows explicit customization of the loaded user object by specifying a UserDetailsContextMapper bean which will be called with the context information from the user's directory entry.LdapAuthenticationProviderConfigurer<B>userDnPatterns(java.lang.String... userDnPatterns)If your users are at a fixed location in the directory (i.e.LdapAuthenticationProviderConfigurer<B>userSearchBase(java.lang.String userSearchBase)Search base for user searches.LdapAuthenticationProviderConfigurer<B>userSearchFilter(java.lang.String userSearchFilter)The LDAP filter used to search for users (optional).LdapAuthenticationProviderConfigurer<B>withObjectPostProcessor(ObjectPostProcessor<?> objectPostProcessor)Adds anObjectPostProcessorfor this class.-
Methods inherited from class org.springframework.security.config.annotation.SecurityConfigurerAdapter
addObjectPostProcessor, and, getBuilder, init, postProcess, setBuilder
-
-
-
-
Method Detail
-
ldapAuthoritiesPopulator
public LdapAuthenticationProviderConfigurer<B> ldapAuthoritiesPopulator(org.springframework.security.ldap.userdetails.LdapAuthoritiesPopulator ldapAuthoritiesPopulator)
Specifies theLdapAuthoritiesPopulator.- Parameters:
ldapAuthoritiesPopulator- theLdapAuthoritiesPopulatorthe default isDefaultLdapAuthoritiesPopulator- Returns:
- the
LdapAuthenticationProviderConfigurerfor further customizations
-
withObjectPostProcessor
public LdapAuthenticationProviderConfigurer<B> withObjectPostProcessor(ObjectPostProcessor<?> objectPostProcessor)
Adds anObjectPostProcessorfor this class.- Parameters:
objectPostProcessor-- Returns:
- the
ChannelSecurityConfigurerfor further customizations
-
authoritiesMapper
public LdapAuthenticationProviderConfigurer<B> authoritiesMapper(org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper grantedAuthoritiesMapper)
Specifies theGrantedAuthoritiesMapper.- Parameters:
grantedAuthoritiesMapper- theGrantedAuthoritiesMapperthe default isSimpleAuthorityMapper- Returns:
- the
LdapAuthenticationProviderConfigurerfor further customizations - Since:
- 4.1.1
-
getAuthoritiesMapper
protected org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper getAuthoritiesMapper() throws java.lang.ExceptionGets theGrantedAuthoritiesMapperand defaults toSimpleAuthorityMapper.- Returns:
- the
GrantedAuthoritiesMapper - Throws:
java.lang.Exception- if errors inSimpleAuthorityMapper.afterPropertiesSet()
-
contextSource
public LdapAuthenticationProviderConfigurer<B> contextSource(org.springframework.ldap.core.support.BaseLdapPathContextSource contextSource)
Specifies theBaseLdapPathContextSourceto be used. If not specified, an embedded LDAP server will be created usingcontextSource().- Parameters:
contextSource- theBaseLdapPathContextSourceto use- Returns:
- the
LdapAuthenticationProviderConfigurerfor further customizations - See Also:
contextSource()
-
contextSource
public LdapAuthenticationProviderConfigurer.ContextSourceBuilder contextSource()
Allows easily configuring of aBaseLdapPathContextSourcewith defaults pointing to an embedded LDAP server that is created.- Returns:
- the
LdapAuthenticationProviderConfigurer.ContextSourceBuilderfor further customizations
-
passwordEncoder
public LdapAuthenticationProviderConfigurer<B> passwordEncoder(org.springframework.security.crypto.password.PasswordEncoder passwordEncoder)
Specifies thePasswordEncoderto be used when authenticating with password comparison.- Parameters:
passwordEncoder- thePasswordEncoderto use- Returns:
- the
LdapAuthenticationProviderConfigurerfor further customization
-
userDnPatterns
public LdapAuthenticationProviderConfigurer<B> userDnPatterns(java.lang.String... userDnPatterns)
If your users are at a fixed location in the directory (i.e. you can work out the DN directly from the username without doing a directory search), you can use this attribute to map directly to the DN. It maps directly to the userDnPatterns property of AbstractLdapAuthenticator. The value is a specific pattern used to build the user's DN, for example "uid={0},ou=people". The key "{0}" must be present and will be substituted with the username.- Parameters:
userDnPatterns- the LDAP patterns for finding the usernames- Returns:
- the
LdapAuthenticationProviderConfigurerfor further customizations
-
userDetailsContextMapper
public LdapAuthenticationProviderConfigurer<B> userDetailsContextMapper(org.springframework.security.ldap.userdetails.UserDetailsContextMapper userDetailsContextMapper)
Allows explicit customization of the loaded user object by specifying a UserDetailsContextMapper bean which will be called with the context information from the user's directory entry.- Parameters:
userDetailsContextMapper- theUserDetailsContextMapperto use- Returns:
- the
LdapAuthenticationProviderConfigurerfor further customizations - See Also:
PersonContextMapper,InetOrgPersonContextMapper,LdapUserDetailsMapper
-
groupRoleAttribute
public LdapAuthenticationProviderConfigurer<B> groupRoleAttribute(java.lang.String groupRoleAttribute)
Specifies the attribute name which contains the role name. Default is "cn".- Parameters:
groupRoleAttribute- the attribute name that maps a group to a role.- Returns:
- the
LdapAuthenticationProviderConfigurerfor further customizations
-
groupSearchBase
public LdapAuthenticationProviderConfigurer<B> groupSearchBase(java.lang.String groupSearchBase)
The search base for group membership searches. Defaults to "".- Parameters:
groupSearchBase-- Returns:
- the
LdapAuthenticationProviderConfigurerfor further customizations
-
groupSearchSubtree
public LdapAuthenticationProviderConfigurer<B> groupSearchSubtree(boolean groupSearchSubtree)
If set to true, a subtree scope search will be performed for group membership. If false a single-level search is used.- Parameters:
groupSearchSubtree- set to true to enable searching of the entire tree below the groupSearchBase.- Returns:
- the
LdapAuthenticationProviderConfigurerfor further customizations
-
groupSearchFilter
public LdapAuthenticationProviderConfigurer<B> groupSearchFilter(java.lang.String groupSearchFilter)
The LDAP filter to search for groups. Defaults to "(uniqueMember={0})". The substituted parameter is the DN of the user.- Parameters:
groupSearchFilter- the LDAP filter to search for groups- Returns:
- the
LdapAuthenticationProviderConfigurerfor further customizations
-
rolePrefix
public LdapAuthenticationProviderConfigurer<B> rolePrefix(java.lang.String rolePrefix)
A non-empty string prefix that will be added as a prefix to the existing roles. The default is "ROLE_".- Parameters:
rolePrefix- the prefix to be added to the roles that are loaded.- Returns:
- the
LdapAuthenticationProviderConfigurerfor further customizations - See Also:
SimpleAuthorityMapper.setPrefix(String)
-
userSearchBase
public LdapAuthenticationProviderConfigurer<B> userSearchBase(java.lang.String userSearchBase)
Search base for user searches. Defaults to "". Only used withuserSearchFilter(String).- Parameters:
userSearchBase- search base for user searches- Returns:
- the
LdapAuthenticationProviderConfigurerfor further customizations
-
userSearchFilter
public LdapAuthenticationProviderConfigurer<B> userSearchFilter(java.lang.String userSearchFilter)
The LDAP filter used to search for users (optional). For example "(uid={0})". The substituted parameter is the user's login name.- Parameters:
userSearchFilter- the LDAP filter used to search for users- Returns:
- the
LdapAuthenticationProviderConfigurerfor further customizations
-
configure
public void configure(B builder) throws java.lang.Exception
Description copied from interface:SecurityConfigurerConfigure theSecurityBuilderby setting the necessary properties on theSecurityBuilder.- Specified by:
configurein interfaceSecurityConfigurer<org.springframework.security.authentication.AuthenticationManager,B extends ProviderManagerBuilder<B>>- Overrides:
configurein classSecurityConfigurerAdapter<org.springframework.security.authentication.AuthenticationManager,B extends ProviderManagerBuilder<B>>- Throws:
java.lang.Exception
-
passwordCompare
public LdapAuthenticationProviderConfigurer.PasswordCompareConfigurer passwordCompare()
- Returns:
- the
LdapAuthenticationProviderConfigurer.PasswordCompareConfigurerfor further customizations
-
-