Class AuthenticationStrategies
- java.lang.Object
-
- org.forgerock.opendj.rest2ldap.authz.AuthenticationStrategies
-
public final class AuthenticationStrategies extends Object
Factory methods ofAuthenticationStrategy
allowing to perform authentication against LDAP server through different method.
-
-
Method Summary
All Methods Static Methods Concrete Methods Modifier and Type Method Description static AuthenticationStrategy
newSaslPlainStrategy(LdapClient ldapClient, Schema schema, String authcIdTemplate)
Creates anAuthenticationStrategy
performing authentication against an LDAP server using a plain SASL bind request.static AuthenticationStrategy
newSaslScramStrategy(LdapClient ldapClient, ScramMechanism scramMechanism, Schema schema, String authcIdTemplate)
Creates anAuthenticationStrategy
performing authentication against an LDAP server using a SCRAM SASL bind request.static AuthenticationStrategy
newSearchThenBindStrategy(LdapClient searchLdapClient, LdapClient bindLdapClient, Dn baseDN, SearchScope searchScope, String filterTemplate)
Creates anAuthenticationStrategy
performing authentication against an LDAP server by first performing a lookup of the entry to bind with.static AuthenticationStrategy
newSimpleBindStrategy(LdapClient ldapClient, String bindDNTemplate, Schema schema)
Creates anAuthenticationStrategy
performing simple BIND authentication against an LDAP server.static AuthenticationStrategy
newSimpleBindStrategy(LdapClient ldapClient, Function<String,Dn> dnMapper)
Creates anAuthenticationStrategy
performing simple BIND authentication against an LDAP server.
-
-
-
Method Detail
-
newSimpleBindStrategy
public static AuthenticationStrategy newSimpleBindStrategy(LdapClient ldapClient, String bindDNTemplate, Schema schema)
Creates anAuthenticationStrategy
performing simple BIND authentication against an LDAP server.- Parameters:
ldapClient
-LdapClient
to the LDAP server used to perform the bind operation.bindDNTemplate
- Template of the DN to use for the bind operation. The first %s will be replaced by the provided authentication-id (i.e: uid=%s,dc=example,dc=com)schema
-Schema
used to validate the DN format.*- Returns:
- a new simple bind
AuthenticationStrategy
- Throws:
NullPointerException
- If a parameter is null
-
newSimpleBindStrategy
public static AuthenticationStrategy newSimpleBindStrategy(LdapClient ldapClient, Function<String,Dn> dnMapper)
Creates anAuthenticationStrategy
performing simple BIND authentication against an LDAP server.- Parameters:
ldapClient
-LdapClient
to the LDAP server used to perform the bind operation.dnMapper
- mapper that converts a String into a DN.- Returns:
- a new simple bind
AuthenticationStrategy
- Throws:
NullPointerException
- If a parameter is null
-
newSearchThenBindStrategy
public static AuthenticationStrategy newSearchThenBindStrategy(LdapClient searchLdapClient, LdapClient bindLdapClient, Dn baseDN, SearchScope searchScope, String filterTemplate)
Creates anAuthenticationStrategy
performing authentication against an LDAP server by first performing a lookup of the entry to bind with. This is to find the user DN to bind with from its metadata (i.e: email address).- Parameters:
searchLdapClient
-LdapClient
to the LDAP server used to perform the lookup of the entry.bindLdapClient
-LdapClient
to the LDAP server used to perform the bind one the user's DN has been found. Can be the same than the searchConnectionFactory.baseDN
- Base DN of the search request performed to find the user's DN.searchScope
-SearchScope
of the search request performed to find the user's DN.filterTemplate
- Filter of the search request (i.e:(&(email=%s)(objectClass=inetOrgPerson))
where the first%s
will be replaced by the user's provided authentication-id.- Returns:
- a new search then bind
AuthenticationStrategy
- Throws:
NullPointerException
- If a parameter is null
-
newSaslPlainStrategy
public static AuthenticationStrategy newSaslPlainStrategy(LdapClient ldapClient, Schema schema, String authcIdTemplate)
Creates anAuthenticationStrategy
performing authentication against an LDAP server using a plain SASL bind request.- Parameters:
ldapClient
-LdapClient
to the LDAP server to authenticate with.authcIdTemplate
- Authentication identity template containing a single %s which will be replaced by the authenticating user's name. (i.e: (u:%s)schema
- Schema used to perform DN validation.- Returns:
- a new SASL plain bind
AuthenticationStrategy
- Throws:
NullPointerException
- If a parameter is null
-
newSaslScramStrategy
public static AuthenticationStrategy newSaslScramStrategy(LdapClient ldapClient, ScramMechanism scramMechanism, Schema schema, String authcIdTemplate)
Creates anAuthenticationStrategy
performing authentication against an LDAP server using a SCRAM SASL bind request.- Parameters:
ldapClient
-LdapClient
to the LDAP server to authenticate with.scramMechanism
- The SCRAM mechanism which should be used.schema
- Schema used to perform DN validation.authcIdTemplate
- Authentication identity template containing a single %s which will be replaced by the authenticating user's name. (i.e: (u:%s)- Returns:
- a new SASL SCRAM bind
AuthenticationStrategy
- Throws:
NullPointerException
- If a parameter is null
-
-