Package com.inductiveautomation.ignition.gateway.authentication.impl

Class ADInternalHybridUserSource

java.lang.Object
com.inductiveautomation.ignition.gateway.user.UserSourceProfileKernelWrapper
com.inductiveautomation.ignition.gateway.user.AbstractUserSourceProfile
com.inductiveautomation.ignition.gateway.authentication.impl.InternalUserSource
com.inductiveautomation.ignition.gateway.authentication.impl.ADInternalHybridUserSource
All Implemented Interfaces:
SSOCompatibleADUserSource, UserSourceProfile, UserSourceProfileKernel
public class ADInternalHybridUserSource extends InternalUserSource implements SSOCompatibleADUserSource

  • Constructor Details

  • Method Details

    • startup

      public void startup(UserSourceManager manager)
      Description copied from interface: UserSourceProfileKernel
      Called when the user source is created before it is used.
      Specified by:
      startup in interface UserSourceProfile
      Specified by:
      startup in interface UserSourceProfileKernel
      Overrides:
      startup in class UserSourceProfileKernelWrapper

    • generateUuid

      protected String generateUuid()
      Description copied from class: InternalUserSource
      Generate a UUID for an InternalUserResource.
      Overrides:
      generateUuid in class InternalUserSource
      Returns:
      A UUID string or null if no UUID is generated.

    • selectInternalUserId

      protected String selectInternalUserId(InternalUserResource internalUser)
      Description copied from class: InternalUserSource
      Select the internal user ID from the InternalUserResource.
      Overrides:
      selectInternalUserId in class InternalUserSource
      Parameters:
      internalUser - The internal user resource to get the ID of.
      Returns:
      The ID of the internal user.

    • alterUser

      public void alterUser(User user, UICallback ui) throws Exception
      Specified by:
      alterUser in interface UserSourceProfile
      Overrides:
      alterUser in class InternalUserSource
      Throws:
      Exception

    • findUserInternalId

      protected String findUserInternalId(User user)
      Description copied from class: InternalUserSource
      Find the internal ID of the user. This is used to identify the user in the JSON resource.
      Overrides:
      findUserInternalId in class InternalUserSource
      Parameters:
      user - The user to find the ID for.
      Returns:
      The internal ID of the user.

    • authenticate

      public AuthenticatedUser authenticate(AuthChallenge challenge) throws Exception
      Description copied from interface: UserSourceProfile
      Called to both verify authentication for a given username/password pair, and to find the security roles for that user.
      Specified by:
      authenticate in interface UserSourceProfile
      Overrides:
      authenticate in class InternalUserSource
      Returns:
      An AuthenticatedUser that contains the user's roles if authentication succeeded, or null if it did not.
      Throws:
      PasswordExpiredException - if the user's password has expired and must be reset
      Exception - if there was an unexpected problem encountered during authentication

    • getUsers

      @Nonnull public Collection<User> getUsers() throws Exception
      Description copied from interface: UserSourceProfile
      Retrieve all users from this profile. This can execute slowly (block) if need be. It will be called periodically by the manager and the results will be cached. Users from failover sources will be returned if hard failover is configured and triggered.
      Specified by:
      getUsers in interface UserSourceProfile
      Overrides:
      getUsers in class InternalUserSource
      Throws:
      Exception

    • getUser

      @Nonnull public Optional<User> getUser(String userName) throws Exception
      Description copied from interface: UserSourceProfile
      Fetch a User with the given user name. If more than one user exists with the given user name, the first user returned from the underlying data source is returned. Failover sources will be queried if hard failover is configured and the primary sources are unable to fetch the user due to an error. Failover sources will also be queried if soft failover is configured and the user is not found in the primary sources.
      Specified by:
      getUser in interface UserSourceProfile
      Overrides:
      getUser in class InternalUserSource
      Parameters:
      userName - the user name of the User to fetch
      Returns:
      an Optional User with the given user name. the user may be from a failover user source (check User.getProfileName() to confirm)
      Throws:
      Exception - if there is an unexpected problem fetching the user with the given user name
      See Also:

    • authenticateUsernamePassword

      public AuthenticatedUser authenticateUsernamePassword(String uname, String pwd) throws Exception
      Specified by:
      authenticateUsernamePassword in interface SSOCompatibleADUserSource
      Throws:
      Exception

    • authenticateBadge

      public AuthenticatedUser authenticateBadge(String badge, @Nullable String pwd, boolean passwordRequired) throws Exception
      Authenticates a user with a badge. If the badge is associated with a user in the internal user store, it will return an AuthenticatedUser instance populated with the user's information. If the badge is not associated with any user, it will return null.
      Specified by:
      authenticateBadge in interface SSOCompatibleADUserSource
      Parameters:
      badge - the badge to authenticate
      pwd - the password associated with the badge, or null if no password is required
      passwordRequired - whether a password is required in addition to the badge for authentication
      Returns:
      an AuthenticatedUser instance if authentication is successful, or null if authentication fails
      Throws:
      Exception - if there is an error during the LDAP search or user creation

    • findSSOUser

      public User findSSOUser(String uname) throws Exception
      Description copied from interface: SSOCompatibleADUserSource
      Used by the SSO helper in order to search for a user with a given username. Return null if no user with this username is found.
      Specified by:
      findSSOUser in interface SSOCompatibleADUserSource
      Throws:
      Exception

    • toString

      public String toString()
      Overrides:
      toString in class InternalUserSource

    • setPopulateUsersOnDemand

      public void setPopulateUsersOnDemand(boolean populateUsersOnDemand)

    • setListUsersFromAD

      public void setListUsersFromAD(boolean listUsersFromAD)

    • setLdapHost

      public void setLdapHost(String ldapHost)

    • setLdapPort

      public void setLdapPort(String ldapPort)

    • setSecondaryLdapHost

      public void setSecondaryLdapHost(String secondaryLdapHost)

    • setSecondaryLdapPort

      public void setSecondaryLdapPort(String secondaryLdapPort)

    • setUsernamePrefix

      public void setUsernamePrefix(String usernamePrefix)

    • setUsernameSuffix

      public void setUsernameSuffix(String usernameSuffix)

    • setProfileUsername

      public void setProfileUsername(String profileUsername)

    • setReadTimeout

      public void setReadTimeout(Long readTimeOut)

    • setProfilePassword

      public void setProfilePassword(SecretConfig profilePassword)

    • setUsePrefixAndSuffixForGatewayUser

      public void setUsePrefixAndSuffixForGatewayUser(boolean usePrefixAndSuffixForGatewayUser)

    • setUseSSL

      public void setUseSSL(boolean useSsl)

    • setAllowAnon

      public void setAllowAnon(boolean anon)

    • setSecurityAuthentication

      public void setSecurityAuthentication(LDAPHelper.AuthType securityAuthentication)

    • setSecurityProtocol

      public void setSecurityProtocol(LDAPHelper.ProtocolType securityProtocol)

    • setUserSearchBase

      public void setUserSearchBase(String userSearchBase)

    • setUserSearchFilter

      public void setUserSearchFilter(String userSearchFilter)

    • setUserListFilter

      public void setUserListFilter(String userListFilter)

    • setUserNameAttribute

      public void setUserNameAttribute(String userNameAttribute)

    • setUserIdAttribute

      public void setUserIdAttribute(LdapAttribute userIdAttribute)

    • setFullNameAttribute

      public void setFullNameAttribute(String fullNameAttribute)

    • setEmailAttribute

      public void setEmailAttribute(String emailAttribute)

    • setPhoneAttribute

      public void setPhoneAttribute(String phoneAttribute)

    • setSmsAttribute

      public void setSmsAttribute(String smsAttribute)

    • setPageSize

      public void setPageSize(int size)

    • setSSOEnabled

      public void setSSOEnabled(boolean enabled)

    • setSSODomain

      public void setSSODomain(String ssoDomain)

    • setSaslConfig

      public void setSaslConfig(SASLConfig saslConfig)

    • setReferral

      public void setReferral(LDAPHelper.ReferralType referral)

    • setExtraUserAttributes

      public void setExtraUserAttributes(List<ExtraLdapAttribute> extraUserAttributes)
      Set the extra LDAP attributes that we have been configured to return when looking up a user.
      Parameters:
      extraUserAttributes - The configured list of additional user attributes.

    • getEditFlags

      public Set<UserSourceEditCapability> getEditFlags()
      Description copied from interface: UserSourceProfile
      Which of the editing functions are supported?
      Specified by:
      getEditFlags in interface UserSourceProfile
      Overrides:
      getEditFlags in class InternalUserSource