| java.lang.Object
 org.blojsom.authorization.database.DatabaseAuthorizationProvider
org.blojsom.authorization.ldap.LDAPAuthorizationProvider
| LDAPAuthorizationProvider | | public class LDAPAuthorizationProvider extends DatabaseAuthorizationProvider (Code) | | LDAPAuthorizationProvider
This implementation authenticates a user against an LDAP server. The user
name must be the same as that of their LDAP user (uid). There are two ways
to configure this in terms of the accepted users. The first is where only
the blog owner can edit the blog. To use this technique, delete the
authorization.properties file from the user's blog directory. The lack of
this file tells the authorization logic to use the blog owner as the UID for
LDAP authentication. The second way provides multiple user editing of a
blog. This second way utilizes the authorization.properties file's user
names (it ignores passwords and other data). Incoming authorization requests
have the user name checked to see if it is listed in the
authorization.properties file (indicating a user who is allowed to edit this
blog). If it is in the list, this username is used as the LDAP UID. This
class/implementation requires LDAP protocol version 3. You must set the
configuration values defined by the BlojsomConstants:
BLOG_LDAP_AUTHORIZATION_SERVER_IP, BLOG_LDAP_AUTHORIZATION_DN_IP, and
BLOG_LDAP_AUTHORIZATION_PORT_IP (optional).
Note, this implementation currently requires the Mozilla LDAP Java SDK. See
http://www.mozilla.org/directory/.
author:
David Czarnecki
author:
Christopher Bailey
version:
$Id: LDAPAuthorizationProvider.java,v 1.5 2007/01/17 01:15:46 czarneckid Exp $
since:
blojsom 3.0 |
| LDAPAuthorizationProvider | | public LDAPAuthorizationProvider()(Code) | | Default constructor
|
| authorize | | public void authorize(Blog blog, Map authorizationContext, String username, String password) throws AuthorizationException(Code) | | Authorize a username and password for the given
Blog
Parameters:
blog - Blog
Parameters:
authorizationContext - Map to be used to provide other information for authorization. This willchange depending on the authorization provider. This parameter is not used in this implementation.
Parameters:
username - Username. In this implementation, this value must match that of the blog user's ID.
Parameters:
password - Password
throws:
AuthorizationException - If there is an error authorizing the username and password |
| getAttribute | | protected String getAttribute(String username, String attribute)(Code) | | Get a specific attribute value for a given username
Parameters:
username - Username
Parameters:
attribute - Attribute attribute value for a given username or null if there is an exception in lookup |
| getBaseDN | | protected String getBaseDN()(Code) | | Return the LDAP base DN
LDAP base DN |
| getDN | | protected String getDN(String username)(Code) | | Get the DN for a given username
Parameters:
username - Username DN for a given username or null if there is an exception in lookup |
| getPort | | protected int getPort()(Code) | | Return the LDAP server port
LDAP server port |
| getServer | | protected String getServer()(Code) | | Return the LDAP server name
LDAP server name |
| Fields inherited from org.blojsom.authorization.database.DatabaseAuthorizationProvider | protected SessionFactory _sessionFactory(Code)(Java Doc)
|
|
|