public class SimpleAuthenticator extends AbstractAuthenticator
Authenticator
that authenticates clear text passwords
contained within the userPassword
attribute in DIT. If the
password is stored with a one-way encryption applied (e.g. SHA), the password
is hashed the same way before comparison.
We use a cache to speedup authentication, where the Dn/password are stored.LOG
Constructor and Description |
---|
SimpleAuthenticator()
Creates a new instance.
|
SimpleAuthenticator(org.apache.directory.api.ldap.model.name.Dn baseDn)
Creates a new instance.
|
SimpleAuthenticator(int cacheSize)
Creates a new instance, with an initial cache size
|
SimpleAuthenticator(int cacheSize,
org.apache.directory.api.ldap.model.name.Dn baseDn)
Creates a new instance, with an initial cache size
|
Modifier and Type | Method and Description |
---|---|
LdapPrincipal |
authenticate(BindOperationContext bindContext)
Looks up userPassword attribute of the entry whose name is the
value of
Context.SECURITY_PRINCIPAL environment variable, and
authenticates a user with the plain-text password. |
void |
invalidateCache(org.apache.directory.api.ldap.model.name.Dn bindDn)
Remove the principal form the cache.
|
checkPwdPolicy, destroy, doDestroy, doInit, getAuthenticatorType, getBaseDn, getDirectoryService, init, isValid, setBaseDn
public SimpleAuthenticator()
public SimpleAuthenticator(org.apache.directory.api.ldap.model.name.Dn baseDn)
baseDn
- The base DnAbstractAuthenticator
public SimpleAuthenticator(int cacheSize)
cacheSize
- the size of the credential cachepublic SimpleAuthenticator(int cacheSize, org.apache.directory.api.ldap.model.name.Dn baseDn)
cacheSize
- the size of the credential cachebaseDn
- The base Dnpublic LdapPrincipal authenticate(BindOperationContext bindContext) throws org.apache.directory.api.ldap.model.exception.LdapException
Looks up userPassword attribute of the entry whose name is the
value of Context.SECURITY_PRINCIPAL
environment variable, and
authenticates a user with the plain-text password.
bindContext
- The Bind contextorg.apache.directory.api.ldap.model.exception.LdapException
- If the authentication failedpublic void invalidateCache(org.apache.directory.api.ldap.model.name.Dn bindDn)
invalidateCache
in interface Authenticator
invalidateCache
in class AbstractAuthenticator
bindDn
- the already normalized distinguished name of the bind principalCopyright © 2003–2020 The Apache Software Foundation. All rights reserved.