Package com.inductiveautomation.ignition.gateway.authentication.impl

Class LDAPHelper

java.lang.Object
com.inductiveautomation.ignition.gateway.authentication.impl.LDAPHelper
public class LDAPHelper extends Object
Encapsulates lots of the boilerplate code required to connect to and query an LDAP server.

  • Constructor Details

  • Method Details

    • parseBasePatternString

      public static String[] parseBasePatternString(String basePatternString)
      Given a string containing LDAP patterns for user locations (separated by parentheses in a pseudo-LDAP search string format - "(location1)(location2)", returns an array of those paths. Real LDAP search strings are supported as well (though only the "|" "OR" type).
      Parameters:
      basePatternString - - a string LDAP search paths surrounded by parentheses

    • openContext

      public LdapContext openContext(String uname, String pwd) throws Exception
      Opens an LDAP query context with the given username and password. Will never return null.
      Throws:
      Exception

    • closeQuietly

      public void closeQuietly(DirContext ctx)

    • isUserValid

      public boolean isUserValid(String uname, String pwd) throws Exception
      Checks the validity of a username/password pair against the ldap server
      Throws:
      Exception

    • search

      public <T> List<T> search(String[] bases, String filter, Object[] filterArgs, LDAPHelper.SearchHandler<T> handler) throws Exception
      Opens a context using the profile username/password. Uses search scope SUBTREE_SCOPE.
      Parameters:
      bases - An array of bases to search through. Each one is searched separately.
      filter - The filter string to use.
      filterArgs - The arguments for the filter (may be null if not applicable)
      handler - The handler to turn search results into useful objects.
      Throws:
      Exception

    • search

      public <T> List<T> search(LdapContext ctx, String[] bases, String filter, Object[] filterArgs, SearchControls controls, LDAPHelper.SearchHandler<T> handler) throws Exception
      Searches using the filter and args on each base specified on the supplied context. Will close the context afterwards.
      Type Parameters:
      T - The type of object returned in the response.
      Parameters:
      ctx - The directory context to search.
      bases - An array of bases to search through. Each one is searched separately.
      filter - The filter string to use.
      filterArgs - The arguments for the filter (may be null if not applicable)
      controls - The search controls.
      handler - The handler to turn search results into useful objects.
      Returns:
      The List of objects that were searched for.
      Throws:
      Exception - If there was an error during the search.

    • setLdapHost

      public void setLdapHost(String ldapHost)

    • setLdapPort

      public void setLdapPort(String ldapPort)

    • setSecondaryLdapHost

      public void setSecondaryLdapHost(String secondaryLdapHost)

    • setSecondaryLdapPort

      public void setSecondaryLdapPort(String secondaryLdapPort)

    • setUsernameSuffix

      public void setUsernameSuffix(String usernameSuffix)

    • setUsernamePrefix

      public void setUsernamePrefix(String usernamePrefix)

    • setProfileUsername

      public void setProfileUsername(String profileUsername)

    • setProfilePassword

      public void setProfilePassword(SecretConfig profilePassword)

    • setUsePrefixAndSuffixForGatewayUser

      public void setUsePrefixAndSuffixForGatewayUser(boolean usePrefixAndSuffixForGatewayUser)

    • setUseSSL

      public void setUseSSL(boolean useSSL)

    • setAllowAnon

      public void setAllowAnon(boolean allowAnon)

    • setSecurityAuthentication

      public void setSecurityAuthentication(LDAPHelper.AuthType securityAuthentication)

    • setSecurityProtocol

      public void setSecurityProtocol(LDAPHelper.ProtocolType securityProtocol)

    • setReadTimeout

      public void setReadTimeout(Long readTimeout)

    • setPageSize

      public void setPageSize(int size)

    • setSaslConfig

      public void setSaslConfig(SASLConfig saslConfig)

    • setReferral

      public void setReferral(LDAPHelper.ReferralType referral)

    • maybeLogReferralException

      public void maybeLogReferralException(LdapReferralException ex)
      This method will log a warning message for the LdapReferralException if referral == throw.
      Parameters:
      ex - The LdapReferralException to log.

    • addBinaryAttributes

      public void addBinaryAttributes(Collection<String> binaryAttributes)
      Add any LDAP attributes that need to be configured to be retrieved as a byte array instead of as a String.
      Parameters:
      binaryAttributes - The set of attributes to retrieved as a byte array.