public interface Authenticator
DefaultPartitionNexus
.
Authenticator
s are registered to and configured by
AuthenticationInterceptor
interceptor.
AuthenticationInterceptor
authenticates users by calling
authenticate(BindOperationContext)
, and then Authenticator
checks JNDI Context
environment properties
(Context.SECURITY_PRINCIPAL
and Context.SECURITY_CREDENTIALS
)
of current Context
.
AbstractAuthenticator
Modifier and Type | Method and Description |
---|---|
LdapPrincipal |
authenticate(BindOperationContext bindContext)
Performs authentication and returns the principal if succeeded.
|
void |
checkPwdPolicy(org.apache.directory.api.ldap.model.entry.Entry userEntry)
performs checks on the given entry based on the specified password policy configuration
|
void |
destroy()
Called by
AuthenticationInterceptor to indicate that this
authenticator is being removed from service. |
org.apache.directory.api.ldap.model.constants.AuthenticationLevel |
getAuthenticatorType()
Returns the type of this authenticator (e.g.
|
org.apache.directory.api.ldap.model.name.Dn |
getBaseDn() |
void |
init(DirectoryService directoryService)
Called by
AuthenticationInterceptor to indicate that this
authenticator is being placed into service. |
void |
invalidateCache(org.apache.directory.api.ldap.model.name.Dn bindDn)
Callback used to respond to password changes by invalidating a password
cache if implemented.
|
boolean |
isValid(org.apache.directory.api.ldap.model.name.Dn bindDn)
Check that this selector is a valid one.
|
void |
setBaseDn(org.apache.directory.api.ldap.model.name.Dn baseDn)
Set the baseDN into the Authenticator
|
org.apache.directory.api.ldap.model.constants.AuthenticationLevel getAuthenticatorType()
void init(DirectoryService directoryService) throws org.apache.directory.api.ldap.model.exception.LdapException
AuthenticationInterceptor
to indicate that this
authenticator is being placed into service.directoryService
- The DirectoryService instanceorg.apache.directory.api.ldap.model.exception.LdapException
- If the initialization failedvoid destroy()
AuthenticationInterceptor
to indicate that this
authenticator is being removed from service.void invalidateCache(org.apache.directory.api.ldap.model.name.Dn bindDn)
bindDn
- the already normalized distinguished name of the bind principalLdapPrincipal authenticate(BindOperationContext bindContext) throws org.apache.directory.api.ldap.model.exception.LdapException
bindContext
- The Bind contextorg.apache.directory.api.ldap.model.exception.LdapException
- If the authentication failedvoid checkPwdPolicy(org.apache.directory.api.ldap.model.entry.Entry userEntry) throws org.apache.directory.api.ldap.model.exception.LdapException
userEntry
- the user entry to be checked for authenticationorg.apache.directory.api.ldap.model.exception.LdapException
- If the password policy is incorrectboolean isValid(org.apache.directory.api.ldap.model.name.Dn bindDn)
bindDn
- The DN we want to authenticatetrue
if the Auhenticator is supporting the DNorg.apache.directory.api.ldap.model.name.Dn getBaseDn()
void setBaseDn(org.apache.directory.api.ldap.model.name.Dn baseDn)
baseDn
- The Base DN to setCopyright © 2003–2020 The Apache Software Foundation. All rights reserved.