Package com.inductiveautomation.ignition.gateway.authentication.impl

Class ADtoDBHybridAuthenticator

java.lang.Object
com.inductiveautomation.ignition.gateway.user.UserSourceProfileKernelWrapper
com.inductiveautomation.ignition.gateway.user.AbstractUserSourceProfile
com.inductiveautomation.ignition.gateway.authentication.impl.DatabaseExpertUserSource
com.inductiveautomation.ignition.gateway.authentication.impl.ADtoDBHybridAuthenticator
All Implemented Interfaces:
SSOCompatibleADUserSource, UserSourceProfile, UserSourceProfileKernel
public class ADtoDBHybridAuthenticator extends DatabaseExpertUserSource implements SSOCompatibleADUserSource

  • Constructor Details

  • Method Details

    • startup

      public void startup(UserSourceManager manager)
      Description copied from interface: UserSourceProfileKernel
      Called when the user source is created before it is used.
      Specified by:
      startup in interface UserSourceProfile
      Specified by:
      startup in interface UserSourceProfileKernel
      Overrides:
      startup in class UserSourceProfileKernelWrapper

    • authenticate

      public AuthenticatedUser authenticate(AuthChallenge challenge) throws Exception
      Description copied from interface: UserSourceProfile
      Called to both verify authentication for a given username/password pair, and to find the security roles for that user.
      Specified by:
      authenticate in interface UserSourceProfile
      Overrides:
      authenticate in class DatabaseExpertUserSource
      Returns:
      An AuthenticatedUser that contains the user's roles if authentication succeeded, or null if it did not.
      Throws:
      PasswordExpiredException - if the user's password has expired and must be reset
      Exception - if there was an unexpected problem encountered during authentication

    • authenticateUsernamePassword

      public AuthenticatedUser authenticateUsernamePassword(String uname, String pwd) throws Exception
      Specified by:
      authenticateUsernamePassword in interface SSOCompatibleADUserSource
      Throws:
      Exception

    • authenticateBadge

      public AuthenticatedUser authenticateBadge(String badge, @Nullable String pwd, boolean passwordRequired) throws Exception
      Specified by:
      authenticateBadge in interface SSOCompatibleADUserSource
      Throws:
      Exception

    • shouldFetchUserId

      public boolean shouldFetchUserId()
      Determine whether we need to fetch the user ID from the database or LDAP. We need to do this if we are configured to user a user ID that is not the username. This is true when we are listing users from AD and the username attribute does not match the user ID attribute, or when we are NOT listing users from the LDAP, and the useruuid column is present in the find user query or list users query.
      Returns:
      true if we need to fetch the user ID, false otherwise.

    • getUsers

      @Nonnull protected Collection<User> getUsers(SRConnection con) throws Exception
      Overrides:
      getUsers in class DatabaseExpertUserSource
      Throws:
      Exception

    • getUser

      @Nonnull protected Optional<User> getUser(String userName, SRConnection con) throws Exception
      Overrides:
      getUser in class DatabaseExpertUserSource
      Throws:
      Exception

    • toString

      public String toString()
      Overrides:
      toString in class DatabaseExpertUserSource

    • setListUsersFromAD

      public void setListUsersFromAD(boolean listUsersFromAD)

    • setUserPropsQuery

      public void setUserPropsQuery(String userPropsQuery)

    • setLdapHost

      public void setLdapHost(String ldapHost)

    • setLdapPort

      public void setLdapPort(String ldapPort)

    • setSecondaryLdapHost

      public void setSecondaryLdapHost(String secondaryLdapHost)

    • setSecondaryLdapPort

      public void setSecondaryLdapPort(String secondaryLdapPort)

    • setUsernamePrefix

      public void setUsernamePrefix(String usernamePrefix)

    • setUsernameSuffix

      public void setUsernameSuffix(String usernameSuffix)

    • setProfileUsername

      public void setProfileUsername(String profileUsername)

    • setReadTimeOut

      public void setReadTimeOut(Long readTimeOut)

    • setProfilePassword

      public void setProfilePassword(SecretConfig profilePassword)

    • setUsePrefixAndSuffixForGatewayUser

      public void setUsePrefixAndSuffixForGatewayUser(boolean usePrefixAndSuffixForGatewayUser)

    • setUseSSL

      public void setUseSSL(boolean useSsl)

    • setAllowAnon

      public void setAllowAnon(boolean anon)

    • setSecurityAuthentication

      public void setSecurityAuthentication(LDAPHelper.AuthType securityAuthentication)

    • setSecurityProtocol

      public void setSecurityProtocol(LDAPHelper.ProtocolType securityProtocol)

    • setUserSearchBase

      public void setUserSearchBase(String userSearchBase)

    • setUserSearchFilter

      public void setUserSearchFilter(String userSearchFilter)

    • setUserListFilter

      public void setUserListFilter(String userListFilter)

    • setUserNameAttribute

      public void setUserNameAttribute(String userNameAttribute)

    • setUserIdAttribute

      public void setUserIdAttribute(LdapAttribute userIdAttribute)

    • setPageSize

      public void setPageSize(int size)

    • setSSOEnabled

      public void setSSOEnabled(boolean enabled)

    • setSSODomain

      public void setSSODomain(String ssoDomain)

    • setSaslConfig

      public void setSaslConfig(SASLConfig saslConfig)

    • setReferral

      public void setReferral(LDAPHelper.ReferralType referral)

    • setExtraUserAttributes

      public void setExtraUserAttributes(List<ExtraLdapAttribute> extraUserAttributes)
      Set the extra LDAP attributes that we have been configured to return when looking up a user.
      Parameters:
      extraUserAttributes - The configured list of additional user attributes.

    • findSSOUser

      public User findSSOUser(String uname) throws Exception
      Description copied from interface: SSOCompatibleADUserSource
      Used by the SSO helper in order to search for a user with a given username. Return null if no user with this username is found.
      Specified by:
      findSSOUser in interface SSOCompatibleADUserSource
      Throws:
      Exception