Package org.opennms.web.springframework.security

Class KerberosServiceLdapAuthenticationProvider

  • All Implemented Interfaces:
    org.springframework.beans.factory.InitializingBean, org.springframework.security.authentication.AuthenticationProvider
    public class KerberosServiceLdapAuthenticationProvider
extends org.springframework.security.kerberos.authentication.KerberosServiceAuthenticationProvider
    Authentication provider which validates users via Kerberos Service Tickets or SPNEGO Tokens and then populates the users' authorities using the specified implementation of LdapAuthoritiesPopulator. Created for use cases where no existing UserDetailsService implementation will quite do the job.
    Author:
    Jeff Gehlbach
    See Also:
    KerberosLdapAuthenticationProvider, KerberosAuthenticationProvider, LdapUserSearch, LdapAuthoritiesPopulator

    • Constructor Detail

      • KerberosServiceLdapAuthenticationProvider

        public KerberosServiceLdapAuthenticationProvider()

    • Method Detail

      • authenticate

        public org.springframework.security.core.Authentication authenticate​(org.springframework.security.core.Authentication authentication)
                                                              throws org.springframework.security.core.AuthenticationException
        Specified by:
        authenticate in interface org.springframework.security.authentication.AuthenticationProvider
        Overrides:
        authenticate in class org.springframework.security.kerberos.authentication.KerberosServiceAuthenticationProvider
        Throws:
        org.springframework.security.core.AuthenticationException

      • setLdapAuthoritiesPopulator

        public void setLdapAuthoritiesPopulator​(org.springframework.security.ldap.userdetails.LdapAuthoritiesPopulator ldapAuthoritiesPopulator)
        Parameters:
        ldapAuthoritiesPopulator - The LdapAuthoritiesPopulator to use for retrieving granted authorities from an LDAP directory

      • getLdapAuthoritiesPopulator

        public org.springframework.security.ldap.userdetails.LdapAuthoritiesPopulator getLdapAuthoritiesPopulator()

      • setLdapUserSearch

        public void setLdapUserSearch​(org.springframework.security.ldap.search.LdapUserSearch ldapUserSearch)
        Parameters:
        ldapUserSearch - The LdapUserSearch with which to look up users in an LDAP directory

      • getLdapUserSearch

        public org.springframework.security.ldap.search.LdapUserSearch getLdapUserSearch()

      • setTrimRealm

        public void setTrimRealm​(boolean trimRealm)
        Parameters:
        trimRealm - Defaults to true. If set to false, do not trim the realm portion (e.g. @EXAMPLE.ORG) from the authenticated user principal name (e.g. user@EXAMPLE.ORG).

      • getTrimRealm

        public boolean getTrimRealm()

      • setTicketValidator

        public void setTicketValidator​(org.springframework.security.kerberos.authentication.KerberosTicketValidator ticketValidator)
        Overrides:
        setTicketValidator in class org.springframework.security.kerberos.authentication.KerberosServiceAuthenticationProvider

      • getTicketValidator

        public org.springframework.security.kerberos.authentication.KerberosTicketValidator getTicketValidator()

      • afterPropertiesSet

        public void afterPropertiesSet()
                        throws Exception
        Specified by:
        afterPropertiesSet in interface org.springframework.beans.factory.InitializingBean
        Overrides:
        afterPropertiesSet in class org.springframework.security.kerberos.authentication.KerberosServiceAuthenticationProvider
        Throws:
        Exception