Class UserGroupLdapAuthoritiesPopulator
- java.lang.Object
-
- org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator
-
- org.opennms.web.springframework.security.UserGroupLdapAuthoritiesPopulator
-
- All Implemented Interfaces:
org.springframework.security.ldap.userdetails.LdapAuthoritiesPopulator
public class UserGroupLdapAuthoritiesPopulator extends org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator implements org.springframework.security.ldap.userdetails.LdapAuthoritiesPopulatorThis class adds the ability to provide a concrete map of associations between specific group values and roles. These associations can be provided by setting thegroupToRoleMapproperty either in a Spring context file or by callingsetGroupToRoleMap(Map).
-
-
Constructor Summary
Constructors Constructor Description UserGroupLdapAuthoritiesPopulator(org.springframework.ldap.core.ContextSource contextSource, String groupSearchBase)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected Set<org.springframework.security.core.GrantedAuthority>getAdditionalRoles(org.springframework.ldap.core.DirContextOperations user, String username)This function returns a list of roles from the given set of groups based on the value of thegroupToRoleMapproperty.voidsetGroupRoleAttribute(String groupRoleAttribute)voidsetGroupSearchFilter(String groupSearchFilter)voidsetGroupToRoleMap(Map<String,List<String>> groupToRoleMap)This property contains a set of group to role mappings.voidsetSearchSubtree(boolean searchSubtree)-
Methods inherited from class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator
getContextSource, getGrantedAuthorities, getGroupMembershipRoles, getGroupSearchBase, setConvertToUpperCase, setDefaultRole, setIgnorePartialResultException, setRolePrefix
-
-
-
-
Constructor Detail
-
UserGroupLdapAuthoritiesPopulator
public UserGroupLdapAuthoritiesPopulator(org.springframework.ldap.core.ContextSource contextSource, String groupSearchBase)
-
-
Method Detail
-
getAdditionalRoles
protected Set<org.springframework.security.core.GrantedAuthority> getAdditionalRoles(org.springframework.ldap.core.DirContextOperations user, String username)
This function returns a list of roles from the given set of groups based on the value of thegroupToRoleMapproperty.- Overrides:
getAdditionalRolesin classorg.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator- Returns:
- a
Setobject.
-
setGroupRoleAttribute
public void setGroupRoleAttribute(String groupRoleAttribute)
- Overrides:
setGroupRoleAttributein classorg.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator
-
setGroupSearchFilter
public void setGroupSearchFilter(String groupSearchFilter)
- Overrides:
setGroupSearchFilterin classorg.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator
-
setGroupToRoleMap
public void setGroupToRoleMap(Map<String,List<String>> groupToRoleMap)
This property contains a set of group to role mappings. Both values are specified as string values.
An example Spring context that sets this property could be:
<property xmlns="http://www.springframework.org/schema/beans" name="groupToRoleMap"> <map> <entry> <key><value>CompanyX_OpenNMS_User_Group</value></key> <list> <value>ROLE_USER</value> </list> </entry> </map> </property>
-
setSearchSubtree
public void setSearchSubtree(boolean searchSubtree)
- Overrides:
setSearchSubtreein classorg.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator
-
-