Package org.bremersee.security.core.userdetails

Class LdaptivePasswordMatcher

java.lang.Object

org.bremersee.security.core.userdetails.LdaptivePasswordMatcher

All Implemented Interfaces:

org.springframework.security.crypto.password.PasswordEncoder

public class LdaptivePasswordMatcher
extends Object
implements org.springframework.security.crypto.password.PasswordEncoder

The ldaptive password matcher.

Author:

Christian Bremer

Constructor Summary

Constructors

Constructor	Description
LdaptivePasswordMatcher(org.bremersee.data.ldaptive.LdaptiveOperations ldaptiveOperations, String userBaseDn, String userFindOneFilter)	Instantiates a new ldaptive password matcher.

Method Summary

Modifier and Type	Method	Description
String	encode(CharSequence rawPassword)
boolean	matches(CharSequence rawPassword, String userName)	Checks whether the given raw password matches the value in the ldap store.
void	setDelegate(org.springframework.security.crypto.password.PasswordEncoder delegate)	Sets delegate.
void	setUserFindOneSearchScope(org.ldaptive.SearchScope userFindOneSearchScope)	Sets user find one search scope.
void	setUserPasswordAttributeName(String userPasswordAttributeName)	Sets user password attribute name.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.springframework.security.crypto.password.PasswordEncoder

upgradeEncoding

Constructor Detail

LdaptivePasswordMatcher

public LdaptivePasswordMatcher(org.bremersee.data.ldaptive.LdaptiveOperations ldaptiveOperations,
                               String userBaseDn,
                               String userFindOneFilter)

Instantiates a new ldaptive password matcher.

Parameters:

ldaptiveOperations - the ldaptive operations

userBaseDn - the user base dn

userFindOneFilter - the user find one filter

Method Detail

setUserFindOneSearchScope

public void setUserFindOneSearchScope(org.ldaptive.SearchScope userFindOneSearchScope)

Sets user find one search scope.

Parameters:

userFindOneSearchScope - the user find one search scope

setUserPasswordAttributeName

public void setUserPasswordAttributeName(String userPasswordAttributeName)

Sets user password attribute name.

Parameters:

userPasswordAttributeName - the user password attribute name

setDelegate

public void setDelegate(org.springframework.security.crypto.password.PasswordEncoder delegate)

Sets delegate.

Parameters:

delegate - the delegate

encode

public String encode(CharSequence rawPassword)

Specified by:

encode in interface org.springframework.security.crypto.password.PasswordEncoder

matches

public boolean matches(CharSequence rawPassword,
                       String userName)

Checks whether the given raw password matches the value in the ldap store. Since the password attribute usually cannot be retrieved and cannot be stored in the user details, the comparison of the passwords is done by the ldap server. For this reason this password encoder implementation expects here the user name as second parameter instead of the encoded password from the user details.

Specified by:

matches in interface org.springframework.security.crypto.password.PasswordEncoder

Parameters:

rawPassword - the raw password

userName - the user name of the user

Returns:

true if the raw password matches the password in the ldap store, otherwise false