org.apache.lenya.ac.ldap
Class LDAPUser

java.lang.Object
  extended by org.apache.avalon.framework.logger.AbstractLogEnabled
      extended by org.apache.lenya.ac.impl.AbstractItem
          extended by org.apache.lenya.ac.impl.AbstractGroupable
              extended by org.apache.lenya.ac.impl.AbstractUser
                  extended by org.apache.lenya.ac.file.FileUser
                      extended by org.apache.lenya.ac.ldap.LDAPUser
All Implemented Interfaces:
java.io.Serializable, java.lang.Comparable, org.apache.avalon.framework.logger.LogEnabled, org.apache.lenya.ac.Accreditable, org.apache.lenya.ac.Groupable, org.apache.lenya.ac.Identifiable, org.apache.lenya.ac.Item, org.apache.lenya.ac.User

public class LDAPUser
extends org.apache.lenya.ac.file.FileUser

LDAP user.

Version:
$Id: LDAPUser.java 580116 2007-09-27 18:02:21Z rfrovarp $
See Also:
Serialized Form

Field Summary
static java.lang.String LDAP_ID
          LDAP_ID The LDAP id
 
Fields inherited from class org.apache.lenya.ac.file.FileUser
DOCUMENT_LOCALE, EMAIL, GROUP, GROUPS, ID, MENU_LOCALE, PASSWORD, PASSWORD_ATTRIBUTE
 
Constructor Summary
LDAPUser(org.apache.lenya.ac.ItemManager itemManager, org.apache.avalon.framework.logger.Logger logger)
          Creates a new LDAPUser object.
LDAPUser(org.apache.lenya.ac.ItemManager itemManager, org.apache.avalon.framework.logger.Logger logger, java.lang.String id, java.lang.String email, java.lang.String _ldapId, org.apache.avalon.framework.logger.Logger _logger)
          Create an LDAPUser
 
Method Summary
 boolean authenticate(java.lang.String password)
          Authenticate a user against the directory.
 boolean canChangePassword()
          The LDAPUser doesn't change any passwords as they are handled by LDAP
 void configure(org.apache.avalon.framework.configuration.Configuration config)
          Create a new LDAPUser from a configuration
protected  org.apache.avalon.framework.configuration.Configuration createConfiguration()
           
 boolean existsUser(java.lang.String _ldapId)
          Checks if a user exists.
 java.lang.String getLdapId()
          Get the ldap id
 java.lang.String getName()
           
protected  void initialize()
          Initializes this user.
protected  void setEncryptedPassword(java.lang.String encryptedPassword)
          The LDAPUser doesn't store any passwords as they are handled by LDAP
 void setLdapId(java.lang.String string)
          Set the ldap id
 void setName(java.lang.String string)
          LDAP Users fetch their name information from the LDAP server, so we don't store it locally.
 void setPassword(java.lang.String plainTextPassword)
          The LDAPUser doesn't store any passwords as they are handled by LDAP
 
Methods inherited from class org.apache.lenya.ac.file.FileUser
delete, getConfigurationDirectory, getFile, save, setConfigurationDirectory
 
Methods inherited from class org.apache.lenya.ac.impl.AbstractUser
getDefaultDocumentLocale, getDefaultMenuLocale, getEmail, getEncryptedPassword, setDefaultDocumentLocale, setDefaultMenuLocale, setEmail
 
Methods inherited from class org.apache.lenya.ac.impl.AbstractGroupable
addedToGroup, getAccreditables, getGroups, removedFromGroup, removeFromAllGroups
 
Methods inherited from class org.apache.lenya.ac.impl.AbstractItem
compareTo, equals, getAccreditableManager, getDescription, getId, getItemManager, hashCode, setDescription, setId, toString
 
Methods inherited from class org.apache.avalon.framework.logger.AbstractLogEnabled
enableLogging, getLogger, setupLogger, setupLogger, setupLogger
 
Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait
 
Methods inherited from interface org.apache.lenya.ac.Item
getDescription, getId, getItemManager, setDescription
 
Methods inherited from interface org.apache.avalon.framework.logger.LogEnabled
enableLogging
 
Methods inherited from interface org.apache.lenya.ac.User
getAccreditableManager
 
Methods inherited from interface org.apache.lenya.ac.Accreditable
getAccreditables
 
Methods inherited from interface org.apache.lenya.ac.Groupable
addedToGroup, getGroups, removedFromGroup, removeFromAllGroups
 

Field Detail

LDAP_ID

public static final java.lang.String LDAP_ID
LDAP_ID The LDAP id

See Also:
Constant Field Values
Constructor Detail

LDAPUser

public LDAPUser(org.apache.lenya.ac.ItemManager itemManager,
                org.apache.avalon.framework.logger.Logger logger)
Creates a new LDAPUser object.

Parameters:
itemManager - The item manager.
logger - The logger.

LDAPUser

public LDAPUser(org.apache.lenya.ac.ItemManager itemManager,
                org.apache.avalon.framework.logger.Logger logger,
                java.lang.String id,
                java.lang.String email,
                java.lang.String _ldapId,
                org.apache.avalon.framework.logger.Logger _logger)
         throws org.apache.avalon.framework.configuration.ConfigurationException
Create an LDAPUser

Parameters:
itemManager - The item manager.
logger - The logger.
id - user id of LDAPUser
email - of LDAPUser
_ldapId - of LDAPUser
_logger - The logger.
Throws:
org.apache.avalon.framework.configuration.ConfigurationException - if the properties could not be read
Method Detail

configure

public void configure(org.apache.avalon.framework.configuration.Configuration config)
               throws org.apache.avalon.framework.configuration.ConfigurationException
Create a new LDAPUser from a configuration

Specified by:
configure in interface org.apache.lenya.ac.Item
Overrides:
configure in class org.apache.lenya.ac.file.FileUser
Parameters:
config - the Configuration specifying the user details
Throws:
org.apache.avalon.framework.configuration.ConfigurationException - if the user could not be instantiated

existsUser

public boolean existsUser(java.lang.String _ldapId)
                   throws org.apache.lenya.ac.AccessControlException
Checks if a user exists.

Parameters:
_ldapId - The LDAP id.
Returns:
A boolean value indicating whether the user is found in the directory
Throws:
org.apache.lenya.ac.AccessControlException - when an error occurs.

initialize

protected void initialize()
                   throws org.apache.avalon.framework.configuration.ConfigurationException
Initializes this user. The current (already authenticated) ldapId is queried in the directory, in order to retrieve additional information, such as the user name. In current implementation, only the user name is actually retrieved, but other attributes may be used in the future (such as groups ?) TODO: should the code be changed to not throw an exception when something goes wrong ? After all, it's only used to get additional info for display? This is a design decision, I'm not sure what's best.

Throws:
org.apache.avalon.framework.configuration.ConfigurationException - when something went wrong.

createConfiguration

protected org.apache.avalon.framework.configuration.Configuration createConfiguration()
Overrides:
createConfiguration in class org.apache.lenya.ac.file.FileUser
See Also:
FileUser.createConfiguration()

getLdapId

public java.lang.String getLdapId()
Get the ldap id

Returns:
the ldap id

setLdapId

public void setLdapId(java.lang.String string)
Set the ldap id

Parameters:
string - the new ldap id

authenticate

public boolean authenticate(java.lang.String password)
Authenticate a user against the directory. The principal to be authenticated is either constructed by use of the configured properties, or by lookup of this ID in the directory. This principal then attempts to authenticate against the directory with the provided password.

Specified by:
authenticate in interface org.apache.lenya.ac.User
Overrides:
authenticate in class org.apache.lenya.ac.impl.AbstractUser
See Also:
User.authenticate(java.lang.String)

getName

public java.lang.String getName()
Specified by:
getName in interface org.apache.lenya.ac.Item
Overrides:
getName in class org.apache.lenya.ac.impl.AbstractItem
See Also:
Item.getName()

setName

public void setName(java.lang.String string)
LDAP Users fetch their name information from the LDAP server, so we don't store it locally. Since we only have read access we basically can't set the name, i.e. any request to change the name is ignored.

Specified by:
setName in interface org.apache.lenya.ac.Item
Overrides:
setName in class org.apache.lenya.ac.impl.AbstractItem
Parameters:
string - is ignored

setPassword

public void setPassword(java.lang.String plainTextPassword)
The LDAPUser doesn't store any passwords as they are handled by LDAP

Specified by:
setPassword in interface org.apache.lenya.ac.User
Overrides:
setPassword in class org.apache.lenya.ac.impl.AbstractUser
Parameters:
plainTextPassword - is ignored

setEncryptedPassword

protected void setEncryptedPassword(java.lang.String encryptedPassword)
The LDAPUser doesn't store any passwords as they are handled by LDAP

Overrides:
setEncryptedPassword in class org.apache.lenya.ac.impl.AbstractUser
Parameters:
encryptedPassword - is ignored

canChangePassword

public boolean canChangePassword()
The LDAPUser doesn't change any passwords as they are handled by LDAP

Specified by:
canChangePassword in interface org.apache.lenya.ac.User
Overrides:
canChangePassword in class org.apache.lenya.ac.impl.AbstractUser
Returns:
always returns false


Copyright $ Apache Software Foundation. All Rights Reserved.