Package org.jivesoftware.openfire.ldap
Class LdapAuthorizationMapping
java.lang.Object
org.jivesoftware.openfire.ldap.LdapAuthorizationMapping
- All Implemented Interfaces:
AuthorizationMapping
Provider for authorization mapping using LDAP. If the authenticated identity ('principal', whose password is used)
did not request an authorization identity ('username', to act as), provide one via LDAP. Specify the lookup field in
the system properties. An entry in that file would look like the following:
ldap.princField = k5login
ldap.princSearchFilter = princField={0}
Each ldap object that represents a user is expected to have exactly one of ldap.usernameField and ldap.princField, and they are both expected to be unique over the search base. A search will be performed over all objects where princField = principal, and the usernameField will be returned. Note that it is expected this search return exactly one object. (There can only be one default) If more than one is returned, the first entry encountered will be used, and no sorting is performed or requested. If more control over the search is needed, you can specify the mapSearchFilter used to perform the LDAP query. This implementation requires that LDAP be configured, obviously.
- Author:
- Jay Kline
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionReturns a description of the PolicyReturns the default authorization identity (the identity to act as) for a provided authentication identity (or 'principal' - whose password is used).name()
Returns the short name of the Policy
-
Constructor Details
-
LdapAuthorizationMapping
public LdapAuthorizationMapping()
-
-
Method Details
-
map
Description copied from interface:AuthorizationMapping
Returns the default authorization identity (the identity to act as) for a provided authentication identity (or 'principal' - whose password is used).- Specified by:
map
in interfaceAuthorizationMapping
- Parameters:
authcid
- authentication identity (or 'principal' whose password is used)- Returns:
- The name of the default authorization identity to use.
-
name
Returns the short name of the Policy- Specified by:
name
in interfaceAuthorizationMapping
- Returns:
- The short name of the Policy
-
description
Returns a description of the Policy- Specified by:
description
in interfaceAuthorizationMapping
- Returns:
- The description of the Policy.
-