Package org.opennms.web.springframework.security

Class UserGroupLdapAuthoritiesPopulator

  • All Implemented Interfaces:
    org.springframework.security.ldap.userdetails.LdapAuthoritiesPopulator
    public class UserGroupLdapAuthoritiesPopulator
extends org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator
implements org.springframework.security.ldap.userdetails.LdapAuthoritiesPopulator
    This class adds the ability to provide a concrete map of associations between specific group values and roles. These associations can be provided by setting the groupToRoleMap property either in a Spring context file or by calling setGroupToRoleMap(Map).

    • Constructor Summary

      Constructors 
      Constructor Description
      UserGroupLdapAuthoritiesPopulator​(org.springframework.ldap.core.ContextSource contextSource, java.lang.String groupSearchBase)  

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      protected java.util.Set<org.springframework.security.core.GrantedAuthority> getAdditionalRoles​(org.springframework.ldap.core.DirContextOperations user, java.lang.String username)
      This function returns a list of roles from the given set of groups based on the value of the groupToRoleMap property.
      void setGroupRoleAttribute​(java.lang.String groupRoleAttribute)  
      void setGroupSearchFilter​(java.lang.String groupSearchFilter)  
      void setGroupToRoleMap​(java.util.Map<java.lang.String,​java.util.List<java.lang.String>> groupToRoleMap)
      This property contains a set of group to role mappings.
      void setSearchSubtree​(boolean searchSubtree)  

      • Methods inherited from class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator

        getContextSource, getGrantedAuthorities, getGroupMembershipRoles, getGroupSearchBase, setConvertToUpperCase, setDefaultRole, setIgnorePartialResultException, setRolePrefix

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

      • Methods inherited from interface org.springframework.security.ldap.userdetails.LdapAuthoritiesPopulator

        getGrantedAuthorities

    • Constructor Detail

      • UserGroupLdapAuthoritiesPopulator

        public UserGroupLdapAuthoritiesPopulator​(org.springframework.ldap.core.ContextSource contextSource,
                                         java.lang.String groupSearchBase)

    • Method Detail

      • getAdditionalRoles

        protected java.util.Set<org.springframework.security.core.GrantedAuthority> getAdditionalRoles​(org.springframework.ldap.core.DirContextOperations user,
                                                                                               java.lang.String username)
        This function returns a list of roles from the given set of groups based on the value of the groupToRoleMap property.
        Overrides:
        getAdditionalRoles in class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator
        Returns:
        a Set object.

      • setGroupRoleAttribute

        public void setGroupRoleAttribute​(java.lang.String groupRoleAttribute)
        Overrides:
        setGroupRoleAttribute in class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator

      • setGroupSearchFilter

        public void setGroupSearchFilter​(java.lang.String groupSearchFilter)
        Overrides:
        setGroupSearchFilter in class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator

      • setGroupToRoleMap

        public void setGroupToRoleMap​(java.util.Map<java.lang.String,​java.util.List<java.lang.String>> groupToRoleMap)

        This property contains a set of group to role mappings. Both values are specified as string values.

        An example Spring context that sets this property could be:

         
 <property xmlns="http://www.springframework.org/schema/beans" name="groupToRoleMap">
   <map>
     <entry>
       <key><value>CompanyX_OpenNMS_User_Group</value></key>
       <list>
         <value>ROLE_USER</value>
       </list>
     </entry>
   </map> 
 </property>

      • setSearchSubtree

        public void setSearchSubtree​(boolean searchSubtree)
        Overrides:
        setSearchSubtree in class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator