Example 1 with StorageOSLdapPersonAttributeDao
use of com.emc.storageos.auth.ldap.StorageOSLdapPersonAttributeDao in project coprhd-controller by CoprHD.
the class ImmutableAuthenticationProviders method createLDAPAttributeRepository.
/**
* Create the AD/LDAP attribute repository
*
* @param authenticationConfiguration AD/LDAP provider configuration
* @param servers AD/LDAP servers
* @param returningAttributes list of attributes to return
* @return StorageOSLdapPersonAttributeDao attribute repository for this configuration
* @throws Exception
*/
private static StorageOSLdapPersonAttributeDao createLDAPAttributeRepository(DbClient dbclient, CoordinatorClient coordinator, final AuthnProvider authenticationConfiguration, LdapServerList servers, String[] returningAttributes) {
GroupWhiteList groupWhiteList = createGroupWhiteList(authenticationConfiguration);
StorageOSLdapPersonAttributeDao attributeRepository = new StorageOSLdapPersonAttributeDao();
attributeRepository.setLdapServers(servers);
attributeRepository.setDbClient(dbclient);
attributeRepository.setGroupWhiteList(groupWhiteList);
if (null != authenticationConfiguration.getMaxPageSize()) {
attributeRepository.setMaxPageSize(authenticationConfiguration.getMaxPageSize());
}
SearchControls searchControls = new SearchControls();
searchControls.setCountLimit(SEARCH_CTL_COUNT_LIMIT);
searchControls.setTimeLimit(SystemPropertyUtil.getLdapConnectionTimeout(coordinator) * 1000);
searchControls.setSearchScope(convertSearchScope(authenticationConfiguration.getSearchScope()));
searchControls.setReturningAttributes(returningAttributes);
attributeRepository.setSearchControls(searchControls);
if (null == authenticationConfiguration.getSearchFilter()) {
throw APIException.badRequests.failedToCreateAuthenticationHandlerSearchFilterCannotBeNull(authenticationConfiguration.getId());
} else {
attributeRepository.setFilter(authenticationConfiguration.getSearchFilter());
}
if (null == authenticationConfiguration.getSearchBase()) {
throw APIException.badRequests.failedToCreateAuthenticationHandlerSearchBaseCannotBeNull(authenticationConfiguration.getId());
} else {
attributeRepository.setBaseDN(authenticationConfiguration.getSearchBase());
}
return attributeRepository;
}
Also used :
StorageOSLdapPersonAttributeDao(com.emc.storageos.auth.ldap.StorageOSLdapPersonAttributeDao)
GroupWhiteList(com.emc.storageos.auth.ldap.GroupWhiteList)
SearchControls(javax.naming.directory.SearchControls)
Example 2 with StorageOSLdapPersonAttributeDao
use of com.emc.storageos.auth.ldap.StorageOSLdapPersonAttributeDao in project coprhd-controller by CoprHD.
the class ImmutableAuthenticationProviders method getLDAPProvider.
/**
* Add an LDAP authentication configuration
*
* @param authenticationConfiguration authentication provider config object
*/
private static AuthenticationProvider getLDAPProvider(CoordinatorClient coordinator, final AuthnProvider authenticationConfiguration, final DbClient dbclient) {
LdapServerList servers = createLdapServerList(coordinator, authenticationConfiguration, SystemPropertyUtil.getLdapConnectionTimeout(coordinator));
StorageOSLdapAuthenticationHandler authHandler = createLdapAuthenticationHandler(authenticationConfiguration, servers);
String[] returningAttributes = new String[] { StorageOSLdapPersonAttributeDao.COMMON_NAME, StorageOSLdapPersonAttributeDao.LDAP_DISTINGUISHED_NAME };
StorageOSLdapPersonAttributeDao attributeRepository = createLDAPAttributeRepository(dbclient, coordinator, authenticationConfiguration, servers, returningAttributes);
attributeRepository.setProviderType(ProvidersType.ldap);
// This is done here to differentiate with ActiveDirectory authn provider.
// If we do it in the common createLDAPAttributeRepository(), there is no way
// differentiate the AD and LDAP auth providers.
setGroupObjectClassesAndMemberAttributes(authenticationConfiguration, attributeRepository);
_log.debug("Adding LDAP mode auth handler to map");
return new AuthenticationProvider(authHandler, attributeRepository);
}
Also used :
StorageOSLdapPersonAttributeDao(com.emc.storageos.auth.ldap.StorageOSLdapPersonAttributeDao)
StorageOSLdapAuthenticationHandler(com.emc.storageos.auth.ldap.StorageOSLdapAuthenticationHandler)
Example 3 with StorageOSLdapPersonAttributeDao
use of com.emc.storageos.auth.ldap.StorageOSLdapPersonAttributeDao in project coprhd-controller by CoprHD.
the class ImmutableAuthenticationProviders method getActiveDirectoryProvider.
/**
* Add an active directory authentication configuration
*
* @param authenticationConfiguration provider configuration object
* @param dbclient
*/
private static AuthenticationProvider getActiveDirectoryProvider(CoordinatorClient coordinator, final AuthnProvider authenticationConfiguration, DbClient dbclient) {
LdapServerList servers = createLdapServerList(coordinator, authenticationConfiguration, SystemPropertyUtil.getLdapConnectionTimeout(coordinator));
StorageOSLdapAuthenticationHandler authHandler = createLdapAuthenticationHandler(authenticationConfiguration, servers);
String[] returningAttributes = new String[] { StorageOSLdapPersonAttributeDao.COMMON_NAME, StorageOSLdapPersonAttributeDao.AD_DISTINGUISHED_NAME };
StorageOSLdapPersonAttributeDao attributeRepository = createLDAPAttributeRepository(dbclient, coordinator, authenticationConfiguration, servers, returningAttributes);
attributeRepository.setProviderType(ProvidersType.ad);
_log.debug("Adding AD mode auth handler to map");
return new AuthenticationProvider(authHandler, attributeRepository);
}
Also used :
StorageOSLdapPersonAttributeDao(com.emc.storageos.auth.ldap.StorageOSLdapPersonAttributeDao)
StorageOSLdapAuthenticationHandler(com.emc.storageos.auth.ldap.StorageOSLdapAuthenticationHandler)
Aggregations
StorageOSLdapPersonAttributeDao (com.emc.storageos.auth.ldap.StorageOSLdapPersonAttributeDao)3
StorageOSLdapAuthenticationHandler (com.emc.storageos.auth.ldap.StorageOSLdapAuthenticationHandler)2
GroupWhiteList (com.emc.storageos.auth.ldap.GroupWhiteList)1
SearchControls (javax.naming.directory.SearchControls)1
