diff --git a/sandbox/src/main/java/org/acegisecurity/providers/dao/ldap/LdapPasswordAuthenticationDao.java b/sandbox/src/main/java/org/acegisecurity/providers/dao/ldap/LdapPasswordAuthenticationDao.java
index 57e7bbabf1..e092b3e056 100644
--- a/sandbox/src/main/java/org/acegisecurity/providers/dao/ldap/LdapPasswordAuthenticationDao.java
+++ b/sandbox/src/main/java/org/acegisecurity/providers/dao/ldap/LdapPasswordAuthenticationDao.java
@@ -1,4 +1,4 @@
-/* Copyright 2004 Acegi Technology Pty Limited
+/* Copyright 2004, 2005 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -50,9 +50,23 @@ import javax.naming.directory.SearchResult;
/**
* This is an example PasswordAuthenticationDao
implementation
* using LDAP service for user authentication.
+ *
+* Example use:
+* <bean id="ldapDaoImpl" class="net.sf.acegisecurity.providers.dao.ldap.LdapPasswordAuthenticationDao">
+* <property name="host"><value>sydney.ipov.info</value></property>
+* <property name="rootContext"><value>dc=ipov,dc=info</value></property>
+* <property name="userContext"><alue>ou=Users</value></property>
+* <property name="userAttribute"><value>uid</value></property>
+* </bean>
+* ...
+* <bean id="authenticationProvider" class="net.sf.acegisecurity.providers.dao.PasswordDaoAuthenticationProvider">
+* <property name="passwordAuthenticationDao"><ref local="ldapDaoImpl"/></property>
+* </bean>
+*
*
* @author Karel Miarka
* @author Daniel Miller
+ * @author Robert Sanders
*/
public class LdapPasswordAuthenticationDao implements PasswordAuthenticationDao {
//~ Static fields/initializers =============================================
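Review bot: The sample bean definition added to the class comment has a malformed tag on the userContext line, `<alue>ou=Users</value>`, so the example is not valid XML when copied; it should read `<value>ou=Users</value>`. The raw XML will also not render in generated Javadoc unless it is wrapped in `<pre>` with the angle brackets written as `&lt;` and `&gt;`. The `class` attributes name `net.sf.acegisecurity...` while this file sits under `org/acegisecurity/...`, so it is worth confirming which package name the example should show.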
@@ -63,7 +77,11 @@ public class LdapPasswordAuthenticationDao implements PasswordAuthenticationDao
//~ Instance fields ========================================================
private String host;
+
+ /** The INITIAL_CONTEXT_FACTORY for use with JNDI. */
+ private String initialContextFactory = "com.sun.jndi.ldap.LdapCtxFactory";
private String rootContext;
+ private String userAttribute = "CN"; // ??? is this the right code??
private String userContext = "CN=Users";
private String[] rolesAttributes = {"memberOf"};
private int port = 389;
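Review bot: The trailing comment on the new `userAttribute` field, `// ??? is this the right code??`, leaves an open question in a field that decides which DN is used for the bind. The removed line `principal.append("CN=");` in the getUserPrincipal hunk shows that "CN" was the previous hard-coded value, so the default preserves existing behaviour. I would replace the comment with `// RDN attribute used to build the bind DN; "CN" matches the previously hard-coded value`.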
@@ -79,6 +97,33 @@ public class LdapPasswordAuthenticationDao implements PasswordAuthenticationDao
this.host = hostname;
}
+ /**
+ * DOCUMENT ME!
+ *
+ * @return Returns the host.
+ */
+ public String getHost() {
+ return host;
+ }
+
+ /**
+ * DOCUMENT ME!
+ *
+ * @param initialContextFactory The initialContextFactory to set.
+ */
+ public void setInitialContextFactory(String initialContextFactory) {
+ this.initialContextFactory = initialContextFactory;
+ }
+
+ /**
+ * DOCUMENT ME!
+ *
+ * @return Returns the initialContextFactory.
+ */
+ public String getInitialContextFactory() {
+ return initialContextFactory;
+ }
+
/**
* Set the port on which is running the LDAP server.
Default value: 389
*
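Review bot: Every accessor added here carries the generator placeholder `DOCUMENT ME!` instead of a description, and the same is true of getPort, setUserAttribute and getUserAttribute in the later hunks. The one that most needs real text is setInitialContextFactory, because its value is a class name that JNDI loads and instantiates. I would document it as `Sets the JNDI initial context factory class name (default com.sun.jndi.ldap.LdapCtxFactory); must come from trusted configuration only.` The getters can simply state what they return and the default where one exists.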
@@ -88,6 +133,27 @@ public class LdapPasswordAuthenticationDao implements PasswordAuthenticationDao
this.port = port;
}
+ /**
+ * DOCUMENT ME!
+ *
+ * @return Returns the port.
+ */
+ public int getPort() {
+ return port;
+ }
+
+ public String getProviderURL() {
+ StringBuffer providerUrl = new StringBuffer();
+ providerUrl.append("ldap://");
+ providerUrl.append(this.host);
+ providerUrl.append(":");
+ providerUrl.append(this.port);
+ providerUrl.append("/");
+ providerUrl.append(this.rootContext);
+
+ return providerUrl.toString();
+ }
+
/**
* Set the name of user object's attribute(s) which contains the list of
* user's role names. The role is converted to upper case and a "ROLE_"
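Review bot: getProviderURL hard-codes the `ldap://` scheme, and the bind in the later hunk uses `SECURITY_AUTHENTICATION` "simple", so the user's password crosses the network in cleartext unless something outside this diff adds TLS. Consider making the scheme configurable, or accepting a full provider URL, so that deployments can use `ldaps://`. The method also has no Javadoc and appends `host` and `rootContext` unchecked, so an unset property yields a URL containing the text "null". A root DN containing spaces or other reserved characters would also need URL escaping.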
@@ -110,6 +176,24 @@ public class LdapPasswordAuthenticationDao implements PasswordAuthenticationDao
this.rootContext = rootContext;
}
+ /**
+ * DOCUMENT ME!
+ *
+ * @param userAttribute The userAttribute to set.
+ */
+ public void setUserAttribute(String userAttribute) {
+ this.userAttribute = userAttribute;
+ }
+
+ /**
+ * DOCUMENT ME!
+ *
+ * @return Returns the userAttribute.
+ */
+ public String getUserAttribute() {
+ return userAttribute;
+ }
+
/**
* Set the context in which all users reside relative to the root context.
* Defalut value: "CN=Users"
@@ -130,23 +214,14 @@ public class LdapPasswordAuthenticationDao implements PasswordAuthenticationDao
env.put(Context.INITIAL_CONTEXT_FACTORY,
"com.sun.jndi.ldap.LdapCtxFactory");
-
- StringBuffer providerUrl = new StringBuffer();
- providerUrl.append("ldap://");
- providerUrl.append(this.host);
- providerUrl.append(":");
- providerUrl.append(this.port);
- providerUrl.append("/");
- providerUrl.append(this.rootContext);
-
- env.put(Context.PROVIDER_URL, providerUrl.toString());
+ env.put(Context.PROVIDER_URL, getProviderURL());
env.put(Context.SECURITY_AUTHENTICATION, "simple");
env.put(Context.SECURITY_PRINCIPAL, getUserPrincipal(username));
env.put(Context.SECURITY_CREDENTIALS, password);
try {
if (log.isDebugEnabled()) {
- log.debug("Connecting to " + providerUrl + " as "
+ log.debug("Connecting to " + getProviderURL() + " as "
+ getUserPrincipal(username));
}
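Review bot: The context line just above still passes the literal "com.sun.jndi.ldap.LdapCtxFactory" to `Context.INITIAL_CONTEXT_FACTORY`, so the new `initialContextFactory` property and its setter have no effect here; it should be `env.put(Context.INITIAL_CONTEXT_FACTORY, initialContextFactory);`. The enclosing method starts and ends outside this hunk, so I cannot see whether `password` is checked beforehand. Many LDAP servers treat a simple bind with an empty password as an anonymous bind that succeeds, so a null or empty password should be rejected before the environment is built if that is not already done. As a minor point, `getProviderURL()` is now built twice; a local variable would avoid that.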
@@ -293,17 +368,16 @@ public class LdapPasswordAuthenticationDao implements PasswordAuthenticationDao
/**
* Get the Context.SECURITY_PRINCIPAL
for the given username
- * string. This implementation returns a string composed of the following:
- * <usernamePrefix><username><usernameSufix. This function
- * may be overridden in a subclass.
+ * string. This implementation returns the userBase for JNDI / LDAP
+ * lookup.
*
* @param username DOCUMENT ME!
*
* @return DOCUMENT ME!
*/
protected String getUserPrincipal(String username) {
- StringBuffer principal = new StringBuffer();
- principal.append("CN=");
+ StringBuffer principal = new StringBuffer(userAttribute);
+ principal.append("=");
principal.append(username);
principal.append(",");
principal.append(this.userContext);
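Review bot: getUserPrincipal appends the caller-supplied `username` into the bind DN without escaping, so DN metacharacters (`,`, `+`, `=`, `"`, `\`, `<`, `>`, `;`) can change which entry the bind is attempted against. The value should be escaped as an RDN value before it is appended, for example `principal.append(Rdn.escapeValue(username));` with `javax.naming.ldap.Rdn` where the target JDK provides it, or an equivalent RFC 2253 escaper otherwise. The rewritten Javadoc is also less accurate than the text it replaces. The method returns the full bind DN `<userAttribute>=<username>,<userContext>`, not a "userBase", and the note that subclasses may override it was dropped. `@param` and `@return` still read `DOCUMENT ME!`. The method body continues past the end of this hunk.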