Package com.inductiveautomation.ignition.gateway.authentication.impl

Class ActiveDirectoryUserSource

java.lang.Object
com.inductiveautomation.ignition.gateway.user.UserSourceProfileKernelWrapper
com.inductiveautomation.ignition.gateway.user.AbstractUserSourceProfile
com.inductiveautomation.ignition.gateway.authentication.impl.ActiveDirectoryUserSource
All Implemented Interfaces:
SSOCompatibleADUserSource, UserSourceProfile, UserSourceProfileKernel
public class ActiveDirectoryUserSource extends AbstractUserSourceProfile implements SSOCompatibleADUserSource

  • Field Details

    • DEFAULT_USER_SEARCH_FILTER

      public static final String DEFAULT_USER_SEARCH_FILTER
      Default user search filter for looking for a single user
      See Also:

    • DEFAULT_USER_LIST_FILTER

      public static final String DEFAULT_USER_LIST_FILTER
      Default group search filter for finding all users
      See Also:

    • DEFAULT_ROLE_LIST_FILTER

      public static final String DEFAULT_ROLE_LIST_FILTER
      Default group search filter for finding all groups
      See Also:

  • Constructor Details

  • Method Details

    • startup

      public void startup(UserSourceManager manager)
      Description copied from interface: UserSourceProfileKernel
      Called when the user source is created before it is used.
      Specified by:
      startup in interface UserSourceProfile
      Specified by:
      startup in interface UserSourceProfileKernel
      Overrides:
      startup in class UserSourceProfileKernelWrapper

    • getUsers

      @Nonnull public Collection<User> getUsers() throws Exception
      Description copied from interface: UserSourceProfile
      Retrieve all users from this profile. This can execute slowly (block) if need be. It will be called periodically by the manager and the results will be cached. Users from failover sources will be returned if hard failover is configured and triggered.
      Specified by:
      getUsers in interface UserSourceProfile
      Specified by:
      getUsers in class AbstractUserSourceProfile
      Throws:
      Exception

    • getUser

      @Nonnull public Optional<User> getUser(String userName) throws Exception
      Description copied from interface: UserSourceProfile
      Fetch a User with the given user name. If more than one user exists with the given user name, the first user returned from the underlying data source is returned. Failover sources will be queried if hard failover is configured and the primary sources are unable to fetch the user due to an error. Failover sources will also be queried if soft failover is configured and the user is not found in the primary sources.
      Specified by:
      getUser in interface UserSourceProfile
      Overrides:
      getUser in class AbstractUserSourceProfile
      Parameters:
      userName - the user name of the User to fetch
      Returns:
      an Optional User with the given user name. the user may be from a failover user source (check User.getProfileName() to confirm)
      Throws:
      Exception - if there is an unexpected problem fetching the user with the given user name
      See Also:

    • authenticate

      public AuthenticatedUser authenticate(AuthChallenge challenge) throws Exception
      Description copied from interface: UserSourceProfile
      Called to both verify authentication for a given username/password pair, and to find the security roles for that user.
      Specified by:
      authenticate in interface UserSourceProfile
      Returns:
      An AuthenticatedUser that contains the user's roles if authentication succeeded, or null if it did not.
      Throws:
      PasswordExpiredException - if the user's password has expired and must be reset
      Exception - if there was an unexpected problem encountered during authentication

    • authenticateAD

      public AuthenticatedUser authenticateAD(AuthChallenge challenge) throws Exception
      Description copied from interface: SSOCompatibleADUserSource
      Callback to the standard, non-SSO version of this user source's auth logic
      Specified by:
      authenticateAD in interface SSOCompatibleADUserSource
      Throws:
      Exception

    • findSSOUser

      public User findSSOUser(String uname) throws Exception
      Description copied from interface: SSOCompatibleADUserSource
      Used by the SSO helper in order to search for a user with a given username. Return null if no user with this username is found.
      Specified by:
      findSSOUser in interface SSOCompatibleADUserSource
      Throws:
      Exception

    • getRoles

      @Nonnull public Collection<String> getRoles() throws Exception
      Specified by:
      getRoles in interface UserSourceProfile
      Specified by:
      getRoles in class AbstractUserSourceProfile
      Returns:
      a collection of all possible role names for this profile. May be empty. Roles from failover sources will be returned if hard failover is configured and triggered.
      Throws:
      Exception

    • main

      public static void main(String[] args)

    • setLdapHost

      public void setLdapHost(String ldapHost)

    • setLdapPort

      public void setLdapPort(String ldapPort)

    • setProfilePassword

      public void setProfilePassword(String profilePassword)

    • setProfileUsername

      public void setProfileUsername(String profileUsername)

    • setRoleSearchBase

      public void setRoleSearchBase(String roleSearchBase)

    • setRoleSearchFilter

      public void setRoleSearchFilter(String roleSearchFilter)

    • setSecondaryLdapHost

      public void setSecondaryLdapHost(String secondaryLdapHost)

    • setSecondaryLdapPort

      public void setSecondaryLdapPort(String secondaryLdapPort)

    • setUserNameAttribute

      public void setUserNameAttribute(String usernameAttribute)

    • setUsernamePrefix

      public void setUsernamePrefix(String usernamePrefix)

    • setUsernameSuffix

      public void setUsernameSuffix(String usernameSuffix)

    • setUsePrefixAndSuffixForGatewayUser

      public void setUsePrefixAndSuffixForGatewayUser(boolean usePrefixAndSuffixForGatewayUser)

    • setUseSSL

      public void setUseSSL(boolean useSsl)

    • setAllowAnon

      public void setAllowAnon(boolean anon)

    • setSecurityAuthentication

      public void setSecurityAuthentication(LDAPHelper.AuthType securityAuthentication)

    • setSecurityProtocol

      public void setSecurityProtocol(LDAPHelper.ProtocolType securityProtocol)

    • setReadTimeout

      public void setReadTimeout(Long readTimeout)

    • setUserSearchBase

      public void setUserSearchBase(String userSearchBase)

    • setUserSearchFilter

      public void setUserSearchFilter(String userSearchFilter)

    • setUserListFilter

      public void setUserListFilter(String userListFilter)

    • setRoleNameAttribute

      public void setRoleNameAttribute(String roleNameAttribute)

    • setFullNameAttribute

      public void setFullNameAttribute(String fullNameAttribute)

    • setBadgeAttribute

      public void setBadgeAttribute(String badgeAttribute)

    • setBadgeSearchFilter

      public void setBadgeSearchFilter(String badgeSearchFilter)

    • setUserRoleAttribute

      public void setUserRoleAttribute(String userRoleAttribute)

    • setEmailAttribute

      public void setEmailAttribute(String emailAttribute)

    • setPhoneAttribute

      public void setPhoneAttribute(String phoneAttribute)

    • setSmsAttribute

      public void setSmsAttribute(String smsAttribute)

    • setPageSize

      public void setPageSize(int size)

    • setSSOEnabled

      public void setSSOEnabled(boolean enabled)

    • setSSODomain

      public void setSSODomain(String ssoDomain)

    • setSaslConfig

      public void setSaslConfig(SASLConfig saslConfig)

    • setReferral

      public void setReferral(LDAPHelper.ReferralType referral)