Class UidPwdDirAuthentication
java.lang.Object
org.dogtagpki.server.authentication.AuthManager
com.netscape.cms.authentication.DirBasedAuthentication
com.netscape.cms.authentication.UidPwdDirAuthentication
- All Implemented Interfaces:
IExtendedPluginInfo
uid/pwd directory based authentication manager
- Version:
- $Revision$, $Date$
-
Field Summary
FieldsModifier and TypeFieldDescriptionstatic org.slf4j.Loggerprotected static String[]protected static String[]Fields inherited from class DirBasedAuthentication
CRED_PIN, CRED_PWD, CRED_ShrTok, CRED_UID, CRED_USER_PASSWORD, DEFAULT_DNPATTERN, mBaseDN, mBoundConnEnable, mConnFactory, mExtendedPluginInfo, mGroupObjectClass, mGroups, mGroupsBaseDN, mGroupsEnable, mGroupUserIDName, mLdapAttrs, mLdapByteAttrs, mLdapConfig, mLdapStringAttrs, mPattern, mSearchGroupUserByUserdn, mTag, mUserIDName, PROP_DNPATTERN, PROP_GROUP_OBJECT_CLASS, PROP_GROUP_USERID_NAME, PROP_GROUPS, PROP_GROUPS_BASEDN, PROP_GROUPS_ENABLE, PROP_LDAP_BOUND_CONN, PROP_LDAPBYTEATTRS, PROP_LDAPSTRINGATTRS, PROP_SEARCH_GROUP_USER_BY_USERDN, PROP_USERID_NAME, USER_DNFields inherited from class AuthManager
AUTHENTICATED_NAME, authenticationConfig, CRED_CERT_SERIAL_TO_REVOKE, CRED_CMC_SELF_SIGNED, CRED_CMC_SIGNING_CERT, CRED_HOST_NAME, CRED_SESSION_ID, CRED_SSL_CLIENT_CERT, engine, mConfig, mImplName, mNameFields inherited from interface IExtendedPluginInfo
HELP_TEXT, HELP_TOKEN -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionprotected Stringauthenticate(netscape.ldap.LDAPConnection conn, AuthCredentials authCreds, AuthToken token) Authenticates a user based on uid, pwd in the directory.String[]Returns a list of configuration parameter names.Retrieves the localizable name of this policy.String[]Returns array of required credentials for this authentication manager.Retrieves the localizable description of this policy.getValueDescriptor(Locale locale, String name) Retrieves the descriptor of the given value parameter by name.Retrieves a list of names of the value parameter.voidinit(ConfigStore config) Initializes this default policy.booleanChecks if this authenticator requires SSL client authentication.booleanisValueWriteable(String name) Checks if the value of the given property should be serializable into the request.voidPopulates authentication specific information into the request for auditing purposes.Methods inherited from class DirBasedAuthentication
authenticate, formCertInfo, formSubjectName, getExtendedPluginInfo, getLdapAttrs, getLdapByteAttrs, init, init, setAuthTokenByteValue, setAuthTokenStringValue, setAuthTokenValues, shutdownMethods inherited from class AuthManager
getAuthenticationConfig, getCMSEngine, getConfigStore, getImplName, getName, setAuthenticationConfig, setCMSEngine
-
Field Details
-
logger
public static org.slf4j.Logger logger -
mRequiredCreds
-
mConfigParams
-
-
Constructor Details
-
UidPwdDirAuthentication
public UidPwdDirAuthentication()
-
-
Method Details
-
authenticate
protected String authenticate(netscape.ldap.LDAPConnection conn, AuthCredentials authCreds, AuthToken token) throws EBaseException Authenticates a user based on uid, pwd in the directory.- Specified by:
authenticatein classDirBasedAuthentication- Parameters:
authCreds- The authentication credentials.- Returns:
- The user's ldap entry dn.
- Throws:
EInvalidCredentials- If the uid and password are not validEBaseException- If an internal error occurs.
-
getConfigParams
Returns a list of configuration parameter names. The list is passed to the configuration console so instances of this implementation can be configured through the console.- Overrides:
getConfigParamsin classAuthManager- Returns:
- String array of configuration parameter names.
-
getRequiredCreds
Returns array of required credentials for this authentication manager.- Specified by:
getRequiredCredsin classDirBasedAuthentication- Returns:
- Array of required credentials.
-
init
Description copied from class:AuthManagerInitializes this default policy.- Specified by:
initin classAuthManager- Parameters:
config- configuration store- Throws:
EProfileException- failed to initialize
-
getName
Retrieves the localizable name of this policy.- Overrides:
getNamein classAuthManager- Parameters:
locale- end user locale- Returns:
- localized authenticator name
-
getText
Retrieves the localizable description of this policy.- Overrides:
getTextin classDirBasedAuthentication- Parameters:
locale- end user locale- Returns:
- localized authenticator description
-
getValueNames
Retrieves a list of names of the value parameter.- Overrides:
getValueNamesin classDirBasedAuthentication- Returns:
- a list of property names
-
isValueWriteable
Description copied from class:AuthManagerChecks if the value of the given property should be serializable into the request. Passsword or other security-related value may not be desirable for storage.- Overrides:
isValueWriteablein classDirBasedAuthentication- Parameters:
name- property name- Returns:
- true if the property is not security related
-
getValueDescriptor
Retrieves the descriptor of the given value parameter by name.- Overrides:
getValueDescriptorin classDirBasedAuthentication- Parameters:
locale- user localename- property name- Returns:
- descriptor of the requested property
-
populate
Description copied from class:AuthManagerPopulates authentication specific information into the request for auditing purposes.- Overrides:
populatein classDirBasedAuthentication- Parameters:
token- authentication tokenrequest- request- Throws:
EProfileException- failed to populate
-
isSSLClientRequired
public boolean isSSLClientRequired()Description copied from class:AuthManagerChecks if this authenticator requires SSL client authentication.- Overrides:
isSSLClientRequiredin classDirBasedAuthentication- Returns:
- client authentication required or not
-