Esri Geoportal Server
1.0

com.esri.gpt.framework.security.identity.ldap
Class LdapIdentityAdapter

java.lang.Object
  extended by com.esri.gpt.framework.security.identity.IdentityAdapter
      extended by com.esri.gpt.framework.security.identity.ldap.LdapIdentityAdapter

public class LdapIdentityAdapter
extends IdentityAdapter

Identity adapter for an LDAP based identity store.


Constructor Summary
LdapIdentityAdapter()
          Default constructor.
 
Method Summary
 void addUserToRole(User user, String role)
          Adds user to role.
 void authenticate(User user)
          Authenticates a user.
 void changePassword(User user, ChangePasswordCriteria criteria)
          Changes the password for a user.
protected  LdapConfiguration getLdapConfiguration()
          Gets the LDAP configuration.
protected  LdapClient newLdapClient()
          Makes a new LDAP client.
protected  LdapClient newServiceConnection()
          Makes a new connected LDAP client based upon the service account credentials.
 Users readGroupMembers(String groupDN)
          Reads the members of a group.
 void readUserGroups(User user)
          Reads the groups to which a user belongs.
 void readUserProfile(User user)
          Reads the profile attributes for a user.
 User recoverPassword(RecoverPasswordCriteria criteria)
          Recovers a user password.
 void registerUser(User user)
          Registers a new user.
 void updateUserProfile(User user)
          Updates the profile attributes for a user.
 
Methods inherited from class com.esri.gpt.framework.security.identity.IdentityAdapter
getApplicationConfiguration, getRequestContext, setApplicationConfiguration, setRequestContext, throwNotSupportedException
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

LdapIdentityAdapter

public LdapIdentityAdapter()
Default constructor.

Method Detail

getLdapConfiguration

protected LdapConfiguration getLdapConfiguration()
Gets the LDAP configuration.

Returns:
the LDAP configuration

authenticate

public void authenticate(User user)
                  throws CredentialsDeniedException,
                         IdentityException,
                         SQLException
Authenticates a user.

Overrides:
authenticate in class IdentityAdapter
Parameters:
user - the subject user
Throws:
CredentialsDeniedException - if credentials are denied
IdentityException - if a system error occurs preventing authentication
SQLException - if a database communication exception occurs

changePassword

public void changePassword(User user,
                           ChangePasswordCriteria criteria)
                    throws CredentialsDeniedException,
                           CredentialPolicyException,
                           IdentityException,
                           NamingException,
                           SQLException
Changes the password for a user.

Overrides:
changePassword in class IdentityAdapter
Parameters:
user - the subject user
criteria - the criteria associated with the password change
Throws:
CredentialPolicyException - if the credentials are invalid
IdentityException - if a system error occurs preventing the action
NamingException - if an LDAP naming exception occurs
SQLException - if a database communication exception occurs
CredentialsDeniedException

newLdapClient

protected LdapClient newLdapClient()
Makes a new LDAP client.

Returns:
the new LDAP client

newServiceConnection

protected LdapClient newServiceConnection()
                                   throws IdentityException
Makes a new connected LDAP client based upon the service account credentials.

Returns:
the new LDAP client
Throws:
IdentityException - if a service account connection cannot be established

readGroupMembers

public Users readGroupMembers(String groupDN)
                       throws IdentityException,
                              NamingException,
                              SQLException
Reads the members of a group.

Overrides:
readGroupMembers in class IdentityAdapter
Parameters:
groupDN - the distinguished name for the group
Returns:
the collection of users belonging to the group
Throws:
IdentityException - if a system error occurs preventing the action
NamingException - if an LDAP naming exception occurs
SQLException - if a database communication exception occurs

readUserGroups

public void readUserGroups(User user)
                    throws IdentityException,
                           NamingException,
                           SQLException
Reads the groups to which a user belongs.

Overrides:
readUserGroups in class IdentityAdapter
Parameters:
user - the subject user
Throws:
IdentityException - if a system error occurs preventing the action
NamingException - if an LDAP naming exception occurs
SQLException - if a database communication exception occurs

readUserProfile

public void readUserProfile(User user)
                     throws IdentityException,
                            NamingException,
                            SQLException
Reads the profile attributes for a user.

Overrides:
readUserProfile in class IdentityAdapter
Parameters:
user - the subject user
Throws:
IdentityException - if a system error occurs preventing the action
NamingException - if an LDAP naming exception occurs
SQLException - if a database communication exception occurs

recoverPassword

public User recoverPassword(RecoverPasswordCriteria criteria)
                     throws IdentityException,
                            NamingException,
                            SQLException
Recovers a user password.

Overrides:
recoverPassword in class IdentityAdapter
Parameters:
criteria - the criteria associated with the password recovery
Returns:
the user associated with the recovered credentials (null if no match)
Throws:
IdentityException - if a system error occurs preventing the action
NamingException - if an LDAP naming exception occurs
SQLException - if a database communication exception occurs

registerUser

public void registerUser(User user)
                  throws CredentialPolicyException,
                         IdentityException,
                         NamingException,
                         SQLException
Registers a new user.

Overrides:
registerUser in class IdentityAdapter
Parameters:
user - the subject user
Throws:
CredentialPolicyException - if the credentials are invalid
IdentityException - if a system error occurs preventing the action
NamingException - if an LDAP naming exception occurs
SQLException - if a database communication exception occurs

addUserToRole

public void addUserToRole(User user,
                          String role)
                   throws CredentialPolicyException,
                          IdentityException,
                          NamingException,
                          SQLException
Adds user to role.

Overrides:
addUserToRole in class IdentityAdapter
Parameters:
user - the subject user
role -
Throws:
CredentialPolicyException - if the credentials are invalid
IdentityException - if a system error occurs preventing the action
NamingException - if an LDAP naming exception occurs
SQLException - if a database communication exception occurs

updateUserProfile

public void updateUserProfile(User user)
                       throws CredentialPolicyException,
                              IdentityException,
                              NamingException,
                              SQLException
Updates the profile attributes for a user.

Overrides:
updateUserProfile in class IdentityAdapter
Parameters:
user - the subject user
Throws:
CredentialPolicyException - if the credentials are invalid
IdentityException - if a system error occurs preventing the action
NamingException - if an LDAP naming exception occurs
SQLException - if a database communication exception occurs

Copyright 2011 Environmental Systems Research Institute. All rights reserved. Use is subject to license terms.