Class LdapAuthorizationPolicy

  • All Implemented Interfaces:
    AuthorizationPolicy

    public class LdapAuthorizationPolicy
    extends Object
    implements AuthorizationPolicy
    Provider for authorization using LDAP. Checks if the XMPP authentication identity, or 'principal' (identity whose password will be used) is in the user's LDAP object using the authorizeField from the system properties. An entry in that file would look like the following:
    • ldap.authorizeField = k5login
    This implementation requires that LDAP be configured, obviously.
    Author:
    Jay Kline
    • Constructor Detail

      • LdapAuthorizationPolicy

        public LdapAuthorizationPolicy()
    • Method Detail

      • authorize

        public boolean authorize​(String authzid,
                                 String authcid)
        Returns true if the provided XMPP authentication identity (identity whose password will be used) is explicitly allowed to the provided XMPP authorization identity (identity to act as).
        Specified by:
        authorize in interface AuthorizationPolicy
        Parameters:
        authzid - XMPP authorization identity (identity to act as).
        authcid - XMPP authentication identity, or 'principal' (identity whose password will be used)
        Returns:
        true if the authzid is explicitly allowed to be used by the user authenticated with the authcid.
      • name

        public String name()
        Returns the short name of the Policy
        Specified by:
        name in interface AuthorizationPolicy
        Returns:
        The short name of the Policy
      • description

        public String description()
        Returns a description of the Policy
        Specified by:
        description in interface AuthorizationPolicy
        Returns:
        The description of the Policy.