Class UserGroupLdapAuthoritiesPopulator
- java.lang.Object
-
- org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator
-
- org.opennms.web.springframework.security.UserGroupLdapAuthoritiesPopulator
-
- All Implemented Interfaces:
org.springframework.security.ldap.userdetails.LdapAuthoritiesPopulator
public class UserGroupLdapAuthoritiesPopulator extends org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator implements org.springframework.security.ldap.userdetails.LdapAuthoritiesPopulator
This class adds the ability to provide a concrete map of associations between specific group values and roles. These associations can be provided by setting thegroupToRoleMap
property either in a Spring context file or by callingsetGroupToRoleMap(Map)
.
-
-
Constructor Summary
Constructors Constructor Description UserGroupLdapAuthoritiesPopulator(org.springframework.ldap.core.ContextSource contextSource, java.lang.String groupSearchBase)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected java.util.Set<org.springframework.security.core.GrantedAuthority>
getAdditionalRoles(org.springframework.ldap.core.DirContextOperations user, java.lang.String username)
This function returns a list of roles from the given set of groups based on the value of thegroupToRoleMap
property.void
setGroupRoleAttribute(java.lang.String groupRoleAttribute)
void
setGroupSearchFilter(java.lang.String groupSearchFilter)
void
setGroupToRoleMap(java.util.Map<java.lang.String,java.util.List<java.lang.String>> groupToRoleMap)
This property contains a set of group to role mappings.void
setSearchSubtree(boolean searchSubtree)
-
Methods inherited from class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator
getContextSource, getGrantedAuthorities, getGroupMembershipRoles, getGroupSearchBase, setConvertToUpperCase, setDefaultRole, setIgnorePartialResultException, setRolePrefix
-
-
-
-
Method Detail
-
getAdditionalRoles
protected java.util.Set<org.springframework.security.core.GrantedAuthority> getAdditionalRoles(org.springframework.ldap.core.DirContextOperations user, java.lang.String username)
This function returns a list of roles from the given set of groups based on the value of thegroupToRoleMap
property.- Overrides:
getAdditionalRoles
in classorg.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator
- Returns:
- a
Set
object.
-
setGroupRoleAttribute
public void setGroupRoleAttribute(java.lang.String groupRoleAttribute)
- Overrides:
setGroupRoleAttribute
in classorg.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator
-
setGroupSearchFilter
public void setGroupSearchFilter(java.lang.String groupSearchFilter)
- Overrides:
setGroupSearchFilter
in classorg.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator
-
setGroupToRoleMap
public void setGroupToRoleMap(java.util.Map<java.lang.String,java.util.List<java.lang.String>> groupToRoleMap)
This property contains a set of group to role mappings. Both values are specified as string values.
An example Spring context that sets this property could be:
<property xmlns="http://www.springframework.org/schema/beans" name="groupToRoleMap"> <map> <entry> <key><value>CompanyX_OpenNMS_User_Group</value></key> <list> <value>ROLE_USER</value> </list> </entry> </map> </property>
-
setSearchSubtree
public void setSearchSubtree(boolean searchSubtree)
- Overrides:
setSearchSubtree
in classorg.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator
-
-