Package org.jivesoftware.openfire.ldap

Class LdapAuthorizationMapping

java.lang.Object

org.jivesoftware.openfire.ldap.LdapAuthorizationMapping

All Implemented Interfaces:

AuthorizationMapping

public class LdapAuthorizationMapping
extends Object
implements AuthorizationMapping

Provider for authorization mapping using LDAP. If the authenticated identity ('principal', whose password is used) did not request an authorization identity ('username', to act as), provide one via LDAP. Specify the lookup field in the system properties. An entry in that file would look like the following:

• ldap.princField = k5login
• ldap.princSearchFilter = princField={0}

Each ldap object that represents a user is expected to have exactly one of ldap.usernameField and ldap.princField, and they are both expected to be unique over the search base. A search will be performed over all objects where princField = principal, and the usernameField will be returned. Note that it is expected this search return exactly one object. (There can only be one default) If more than one is returned, the first entry encountered will be used, and no sorting is performed or requested. If more control over the search is needed, you can specify the mapSearchFilter used to perform the LDAP query. This implementation requires that LDAP be configured, obviously.

Author:

Jay Kline

Constructor Summary

Constructors

Constructor	Description
LdapAuthorizationMapping()

Method Summary

Modifier and Type	Method	Description
String	description()	Returns a description of the Policy
String	map(String authcid)	Returns the default authorization identity (the identity to act as) for a provided authentication identity (or 'principal' - whose password is used).
String	name()	Returns the short name of the Policy

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

LdapAuthorizationMapping

public LdapAuthorizationMapping()

Method Details

map

public String map(String authcid)

Description copied from interface: AuthorizationMapping

Returns the default authorization identity (the identity to act as) for a provided authentication identity (or 'principal' - whose password is used).

Specified by:

map in interface AuthorizationMapping

Parameters:

authcid - authentication identity (or 'principal' whose password is used)

Returns:

The name of the default authorization identity to use.

name

public String name()

Returns the short name of the Policy

Specified by:

name in interface AuthorizationMapping

Returns:

The short name of the Policy

description

public String description()

Returns a description of the Policy

Specified by:

description in interface AuthorizationMapping

Returns:

The description of the Policy.