public class LDAPUserRegistry extends Object implements UserRegistry, LDAPNameResolver, org.springframework.beans.factory.InitializingBean, ActivateableBean
UserRegistry
implementation with the ability to query Alfresco-like descriptions of users and groups from
an LDAP directory, optionally restricted to those modified since a certain time.Modifier and Type | Class and Description |
---|---|
protected static class |
LDAPUserRegistry.AbstractSearchCallback
An abstract implementation of SearchCallback interface.
|
class |
LDAPUserRegistry.PersonCollection
Wraps the LDAP user query as a virtual
Collection . |
protected static interface |
LDAPUserRegistry.SearchCallback
An interface for callbacks passed to the
processQuery(SearchCallback, String, String, String[]) method. |
Constructor and Description |
---|
LDAPUserRegistry()
Instantiates a new lDAP user registry.
|
Modifier and Type | Method and Description |
---|---|
void |
afterPropertiesSet() |
Collection<String> |
getGroupNames()
Gets the names of all groups in the registry.
|
Collection<NodeDescription> |
getGroups(Date modifiedSince)
Gets descriptions of all the groups in the user registry or all those changed since a certain date.
|
Set<org.alfresco.service.namespace.QName> |
getPersonMappedProperties()
Gets the set of property names that are auto-mapped by this user registry.
|
Collection<String> |
getPersonNames()
Gets the names of all persons in the registry.
|
Collection<NodeDescription> |
getPersons(Date modifiedSince)
Gets descriptions of all the persons (users) in the user registry or all those changed since a certain date.
|
AbstractDirectoryServiceUserAccountStatusInterpreter |
getUserAccountStatusInterpreter() |
boolean |
isActive()
Determines whether this bean is active.
|
String |
resolveDistinguishedName(String userId,
org.alfresco.repo.security.authentication.AuthenticationDiagnostic diagnostic)
Resolves a user ID to a distinguished name.
|
void |
setActive(boolean active)
Controls whether this bean is active.
|
void |
setAttributeBatchSize(int attributeBatchSize)
Sets the attribute batch size.
|
void |
setEnableProgressEstimation(boolean enableProgressEstimation)
Controls whether progress estimation is enabled.
|
void |
setErrorOnDuplicateGID(boolean errorOnDuplicateGID)
Decides whether to error on duplicate group IDs.
|
void |
setErrorOnMissingGID(boolean errorOnMissingGID)
Decides whether to error on missing group IDs.
|
void |
setErrorOnMissingMembers(boolean errorOnMissingMembers)
Decides whether to error on missing group members.
|
void |
setErrorOnMissingUID(boolean errorOnMissingUID)
Decides whether to error on missing user IDs.
|
void |
setGroupAttributeDefaults(Map<String,String> groupAttributeDefaults)
Sets the group attribute defaults.
|
void |
setGroupAttributeMapping(Map<String,String> groupAttributeMapping)
Sets the group attribute mapping.
|
void |
setGroupDifferentialQuery(String groupDifferentialQuery)
Sets the group differential query.
|
void |
setGroupIdAttributeName(String groupIdAttributeName)
Sets the group id attribute name.
|
void |
setGroupQuery(String groupQuery)
Sets the group query.
|
void |
setGroupSearchBase(String groupSearchBase)
Sets the group search base.
|
void |
setGroupType(String groupType)
Sets the group type.
|
void |
setLDAPInitialDirContextFactory(LDAPInitialDirContextFactory ldapInitialDirContextFactory)
Sets the LDAP initial dir context factory.
|
void |
setMemberAttribute(String memberAttribute)
Sets the member attribute name.
|
void |
setModifyTimestampAttributeName(String modifyTimestampAttributeName)
Sets the modification timestamp attribute name.
|
void |
setNamespaceService(org.alfresco.service.namespace.NamespaceService namespaceService)
Sets the namespace service.
|
void |
setPersonAttributeDefaults(Map<String,String> personAttributeDefaults)
Sets the person attribute defaults.
|
void |
setPersonAttributeMapping(Map<String,String> personAttributeMapping)
Sets the person attribute mapping.
|
void |
setPersonDifferentialQuery(String personDifferentialQuery)
Sets the person differential query.
|
void |
setPersonQuery(String personQuery)
Sets the person query.
|
void |
setPersonType(String personType)
Sets the person type.
|
void |
setQueryBatchSize(int queryBatchSize)
Sets the query batch size.
|
void |
setTimestampFormat(String timestampFormat)
Sets the timestamp format.
|
void |
setUserAccountStatusInterpreter(AbstractDirectoryServiceUserAccountStatusInterpreter userAccountStatusInterpreter) |
void |
setUserIdAttributeName(String userIdAttributeName)
Sets the user id attribute name.
|
void |
setUserSearchBase(String userSearchBase)
Sets the user search base.
|
public LDAPUserRegistry()
public void setActive(boolean active)
active
- true
if this bean is activepublic void setEnableProgressEstimation(boolean enableProgressEstimation)
enableProgressEstimation
- true
if progress estimation is enabledpublic void setGroupIdAttributeName(String groupIdAttributeName)
groupIdAttributeName
- the group id attribute namepublic void setGroupQuery(String groupQuery)
groupQuery
- the group querypublic void setGroupDifferentialQuery(String groupDifferentialQuery)
groupDifferentialQuery
- the group differential querypublic void setPersonQuery(String personQuery)
personQuery
- the person querypublic void setPersonDifferentialQuery(String personDifferentialQuery)
personDifferentialQuery
- the person differential querypublic void setGroupType(String groupType)
groupType
- the group typepublic void setMemberAttribute(String memberAttribute)
memberAttribute
- the member attribute namepublic void setPersonType(String personType)
personType
- the person typepublic void setGroupSearchBase(String groupSearchBase)
groupSearchBase
- the group search basepublic void setUserSearchBase(String userSearchBase)
userSearchBase
- the user search basepublic void setUserIdAttributeName(String userIdAttributeName)
userIdAttributeName
- the user id attribute namepublic void setModifyTimestampAttributeName(String modifyTimestampAttributeName)
modifyTimestampAttributeName
- the modification timestamp attribute namepublic void setTimestampFormat(String timestampFormat)
timestampFormat
- the timestamp format
public void setErrorOnMissingMembers(boolean errorOnMissingMembers)
errorOnMissingMembers
- true
if we should error on missing group memberspublic void setErrorOnMissingGID(boolean errorOnMissingGID)
errorOnMissingGID
- true
if we should error on missing group IDspublic void setErrorOnMissingUID(boolean errorOnMissingUID)
errorOnMissingUID
- true
if we should error on missing user IDspublic void setErrorOnDuplicateGID(boolean errorOnDuplicateGID)
errorOnDuplicateGID
- true
if we should error on duplicate group IDspublic void setLDAPInitialDirContextFactory(LDAPInitialDirContextFactory ldapInitialDirContextFactory)
ldapInitialDirContextFactory
- the new LDAP initial dir context factorypublic void setNamespaceService(org.alfresco.service.namespace.NamespaceService namespaceService)
namespaceService
- the namespace servicepublic void setPersonAttributeDefaults(Map<String,String> personAttributeDefaults)
personAttributeDefaults
- the person attribute defaultspublic void setPersonAttributeMapping(Map<String,String> personAttributeMapping)
personAttributeMapping
- the person attribute mappingpublic void setGroupAttributeDefaults(Map<String,String> groupAttributeDefaults)
groupAttributeDefaults
- the group attribute defaultspublic void setGroupAttributeMapping(Map<String,String> groupAttributeMapping)
groupAttributeMapping
- the group attribute mappingpublic void setQueryBatchSize(int queryBatchSize)
queryBatchSize
- If positive, indicates that RFC 2696 paged results should be used to split query results into batches
of the specified size. Overcomes any size limits imposed by the LDAP server.public void setAttributeBatchSize(int attributeBatchSize)
attributeBatchSize
- If positive, indicates that range retrieval should be used to fetch multi-valued attributes (such as
member) in batches of the specified size. Overcomes any size limits imposed by the LDAP server.public void setUserAccountStatusInterpreter(AbstractDirectoryServiceUserAccountStatusInterpreter userAccountStatusInterpreter)
public AbstractDirectoryServiceUserAccountStatusInterpreter getUserAccountStatusInterpreter()
public boolean isActive()
ActivateableBean
isActive
in interface ActivateableBean
true
if this bean is activepublic void afterPropertiesSet() throws Exception
afterPropertiesSet
in interface org.springframework.beans.factory.InitializingBean
Exception
public Set<org.alfresco.service.namespace.QName> getPersonMappedProperties()
UserRegistry
getPersonMappedProperties
in interface UserRegistry
public Collection<NodeDescription> getPersons(Date modifiedSince)
UserRegistry
getPersons
in interface UserRegistry
modifiedSince
- if non-null, then only descriptions of users modified since this date should be returned; if
null
then descriptions of all users should be returned.Collection
of NodeDescription
s of all the persons (users) in the user registry or all
those changed since a certain date. The description properties should correspond to those of an Alfresco
person node.public Collection<String> getPersonNames()
UserRegistry
getPersonNames
in interface UserRegistry
public Collection<String> getGroupNames()
UserRegistry
getGroupNames
in interface UserRegistry
public Collection<NodeDescription> getGroups(Date modifiedSince)
UserRegistry
getGroups
in interface UserRegistry
modifiedSince
- if non-null, then only descriptions of groups modified since this date should be returned; if
null
then descriptions of all groups should be returned.Collection
of NodeDescription
s of all the groups in the user registry or all those
changed since a certain date. The description properties should correspond to those of an Alfresco
authority node.public String resolveDistinguishedName(String userId, org.alfresco.repo.security.authentication.AuthenticationDiagnostic diagnostic) throws org.alfresco.repo.security.authentication.AuthenticationException
LDAPNameResolver
resolveDistinguishedName
in interface LDAPNameResolver
userId
- the user idorg.alfresco.repo.security.authentication.AuthenticationException
- if the user ID cannot be resolvedCopyright © 2005–2017 Alfresco Software. All rights reserved.