java.lang.Object
com.inductiveautomation.ignition.gateway.authentication.impl.LDAPHelper

public class LDAPHelper extends Object
Encapsulates lots of the boilerplate code required to connect to and query an LDAP server.
  • Constructor Details

  • Method Details

    • parseBasePatternString

      public static String[] parseBasePatternString(String basePatternString)
      Given a string containing LDAP patterns for user locations (separated by parentheses in a pseudo-LDAP search string format, "(location1)(location2)"), returns an array of those paths. Real LDAP search strings are supported as well (though only the "|" "OR" type).
      Parameters:
      basePatternString - a string of LDAP search paths surrounded by parentheses
    • openContext

      public LdapContext openContext(String uname, String pwd) throws Exception
      Opens an LDAP query context with the given username and password. Will never return null.
      Throws:
      Exception
    • closeQuietly

      public void closeQuietly(DirContext ctx)
    • isUserValid

      public boolean isUserValid(String uname, String pwd) throws Exception
      Checks the validity of a username/password pair against the LDAP server.
      Throws:
      Exception
    • search

      public <T> List<T> search(String[] bases, String filter, Object[] filterArgs, LDAPHelper.SearchHandler<T> handler) throws Exception
      Opens a context using the profile username/password. Uses search scope SUBTREE_SCOPE.
      Parameters:
      bases - An array of bases to search through. Each one is searched separately.
      filter - The filter string to use.
      filterArgs - The arguments for the filter (may be null if not applicable)
      handler - The handler to turn search results into useful objects.
      Throws:
      Exception
    • search

      public <T> List<T> search(LdapContext ctx, String[] bases, String filter, Object[] filterArgs, SearchControls controls, LDAPHelper.SearchHandler<T> handler) throws Exception
      Searches using the filter and args on each base specified on the supplied context. Will close the context afterwards.
      Type Parameters:
      T - The type of object returned in the response.
      Parameters:
      ctx - The directory context to search.
      bases - An array of bases to search through. Each one is searched separately.
      filter - The filter string to use.
      filterArgs - The arguments for the filter (may be null if not applicable)
      controls - The search controls.
      handler - The handler to turn search results into useful objects.
      Returns:
      The List of objects that were searched for.
      Throws:
      Exception - If there was an error during the search.
    • parseName

      public static LdapName parseName(String name, boolean legacyNamingEnabled) throws InvalidNameException
      Parses the given String into an LdapName. In legacy mode (see legacyNamingEnabled), the String is first parsed as a CompositeName, and the first element of the CompositeName is then parsed as an LdapName.
      Parameters:
      name - the name to parse. must not be null.
      legacyNamingEnabled - if true, the name argument is parsed first as a CompositeName, and then the first element in the CompositeName is extracted and parsed as an LdapName (this is the default behavior in 8.1). If false, the name argument is parsed directly as an LdapName.
      Returns:
      the parsed LdapName. never null.
      Throws:
      InvalidNameException - if the given name argument cannot be parsed into an LdapName
      NullPointerException - if the given name argument is null
    • setLdapHost

      public void setLdapHost(String ldapHost)
    • setLdapPort

      public void setLdapPort(String ldapPort)
    • setSecondaryLdapHost

      public void setSecondaryLdapHost(String secondaryLdapHost)
    • setSecondaryLdapPort

      public void setSecondaryLdapPort(String secondaryLdapPort)
    • setUsernameSuffix

      public void setUsernameSuffix(String usernameSuffix)
    • setUsernamePrefix

      public void setUsernamePrefix(String usernamePrefix)
    • setProfileUsername

      public void setProfileUsername(String profileUsername)
    • setProfilePassword

      public void setProfilePassword(SecretConfig profilePassword)
    • setUsePrefixAndSuffixForGatewayUser

      public void setUsePrefixAndSuffixForGatewayUser(boolean usePrefixAndSuffixForGatewayUser)
    • setUseSSL

      public void setUseSSL(boolean useSSL)
    • setAllowAnon

      public void setAllowAnon(boolean allowAnon)
    • setSecurityAuthentication

      public void setSecurityAuthentication(LDAPHelper.AuthType securityAuthentication)
    • setSecurityProtocol

      public void setSecurityProtocol(LDAPHelper.ProtocolType securityProtocol)
    • setConnectTimeout

      public void setConnectTimeout(Long connectTimeout)
    • setReadTimeout

      public void setReadTimeout(Long readTimeout)
    • setPageSize

      public void setPageSize(int size)
    • setSaslConfig

      public void setSaslConfig(SASLConfig saslConfig)
    • setReferral

      public void setReferral(LDAPHelper.ReferralType referral)
    • maybeLogReferralException

      public void maybeLogReferralException(LdapReferralException ex)
      This method will log a warning message for the LdapReferralException if referral == throw.
      Parameters:
      ex - The LdapReferralException to log.
    • addBinaryAttributes

      public void addBinaryAttributes(Collection<String> binaryAttributes)
      Add any LDAP attributes that need to be configured to be retrieved as a byte array instead of as a String.
      Parameters:
      binaryAttributes - The set of attributes to be retrieved as a byte array.
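
The two parsing modes that legacyNamingEnabled selects in parseName above, sketched with the standard JNDI classes as an added example (this is not Ignition's implementation). The class name ParseNameModes, the parse helper and the sample DNs are constructed for illustration; the point is that CompositeName treats "/" as a component separator, so the two modes can return different names for the same input.

```java
import javax.naming.CompositeName;
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;

public class ParseNameModes {

    // Hypothetical helper that follows the documented legacyNamingEnabled
    // behaviour using plain JNDI; it is not LDAPHelper's source code.
    static LdapName parse(String name, boolean legacyNamingEnabled)
            throws InvalidNameException {
        if (name == null) {
            throw new NullPointerException("name must not be null");
        }
        if (!legacyNamingEnabled) {
            // Direct mode: the whole string is treated as one LDAP DN.
            return new LdapName(name);
        }
        // Legacy mode: CompositeName splits on '/', and only the first
        // component is handed to the LDAP name parser.
        CompositeName composite = new CompositeName(name);
        String first = composite.isEmpty() ? "" : composite.get(0);
        return new LdapName(first);
    }

    public static void main(String[] args) throws InvalidNameException {
        // Constructed sample DNs; the second contains '/' inside an RDN value.
        String[] samples = {
            "cn=jdoe,ou=People,dc=example,dc=com",
            "cn=build/deploy,ou=Services,dc=example,dc=com"
        };
        for (String dn : samples) {
            LdapName legacy = parse(dn, true);
            LdapName direct = parse(dn, false);
            System.out.printf("input : %s%n", dn);
            System.out.printf("legacy: %s (%d RDNs)%n", legacy, legacy.size());
            System.out.printf("direct: %s (%d RDNs)%n", direct, direct.size());
            if (!legacy.equals(direct)) {
                // The text after the first '/' was dropped in legacy mode.
                System.out.println("  modes disagree for this input");
            }
        }
    }
}
```

When DNs returned by the directory are compared or used in access decisions, check which mode is in effect, since a value containing "/" resolves to a different name in each.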