Example 1 with LdapUserAttributesToRolesAuthorizationGenerator
use of org.apereo.cas.authorization.LdapUserAttributesToRolesAuthorizationGenerator in project cas by apereo.
the class CasManagementLdapAuthorizationConfiguration method authorizationGenerator.
@RefreshScope
@Bean
public AuthorizationGenerator authorizationGenerator() {
final LdapAuthorizationProperties ldapAuthz = casProperties.getMgmt().getLdap().getLdapAuthz();
final ConnectionFactory connectionFactory = Beans.newLdaptivePooledConnectionFactory(casProperties.getMgmt().getLdap());
if (StringUtils.isNotBlank(ldapAuthz.getGroupFilter()) && StringUtils.isNotBlank(ldapAuthz.getGroupAttribute())) {
return new LdapUserGroupsToRolesAuthorizationGenerator(connectionFactory, ldapAuthorizationGeneratorUserSearchExecutor(), ldapAuthz.isAllowMultipleResults(), ldapAuthz.getGroupAttribute(), ldapAuthz.getGroupPrefix(), ldapAuthorizationGeneratorGroupSearchExecutor());
}
return new LdapUserAttributesToRolesAuthorizationGenerator(connectionFactory, ldapAuthorizationGeneratorUserSearchExecutor(), ldapAuthz.isAllowMultipleResults(), ldapAuthz.getRoleAttribute(), ldapAuthz.getRolePrefix());
}
Also used :
LdapUserAttributesToRolesAuthorizationGenerator(org.apereo.cas.authorization.LdapUserAttributesToRolesAuthorizationGenerator)
LdapAuthorizationProperties(org.apereo.cas.configuration.model.support.ldap.LdapAuthorizationProperties)
ConnectionFactory(org.ldaptive.ConnectionFactory)
LdapUserGroupsToRolesAuthorizationGenerator(org.apereo.cas.authorization.LdapUserGroupsToRolesAuthorizationGenerator)
RefreshScope(org.springframework.cloud.context.config.annotation.RefreshScope)
Bean(org.springframework.context.annotation.Bean)
Example 2 with LdapUserAttributesToRolesAuthorizationGenerator
use of org.apereo.cas.authorization.LdapUserAttributesToRolesAuthorizationGenerator in project cas by apereo.
the class CasLdapUserDetailsManagerConfigurer method build.
private AuthorizationGenerator<CommonProfile> build() {
final LdapAuthorizationProperties ldapAuthz = adminPagesSecurityProperties.getLdap().getLdapAuthz();
final ConnectionFactory connectionFactory = Beans.newLdaptivePooledConnectionFactory(adminPagesSecurityProperties.getLdap());
if (isGroupBasedAuthorization()) {
LOGGER.debug("Handling LDAP authorization based on groups");
return new LdapUserGroupsToRolesAuthorizationGenerator(connectionFactory, ldapAuthorizationGeneratorUserSearchExecutor(), ldapAuthz.isAllowMultipleResults(), ldapAuthz.getGroupAttribute(), ldapAuthz.getGroupPrefix(), ldapAuthorizationGeneratorGroupSearchExecutor());
}
LOGGER.debug("Handling LDAP authorization based on attributes and roles");
return new LdapUserAttributesToRolesAuthorizationGenerator(connectionFactory, ldapAuthorizationGeneratorUserSearchExecutor(), ldapAuthz.isAllowMultipleResults(), ldapAuthz.getRoleAttribute(), ldapAuthz.getRolePrefix());
}
Also used :
LdapUserAttributesToRolesAuthorizationGenerator(org.apereo.cas.authorization.LdapUserAttributesToRolesAuthorizationGenerator)
LdapAuthorizationProperties(org.apereo.cas.configuration.model.support.ldap.LdapAuthorizationProperties)
ConnectionFactory(org.ldaptive.ConnectionFactory)
LdapUserGroupsToRolesAuthorizationGenerator(org.apereo.cas.authorization.LdapUserGroupsToRolesAuthorizationGenerator)
Aggregations
LdapUserAttributesToRolesAuthorizationGenerator (org.apereo.cas.authorization.LdapUserAttributesToRolesAuthorizationGenerator)2
LdapUserGroupsToRolesAuthorizationGenerator (org.apereo.cas.authorization.LdapUserGroupsToRolesAuthorizationGenerator)2
LdapAuthorizationProperties (org.apereo.cas.configuration.model.support.ldap.LdapAuthorizationProperties)2
ConnectionFactory (org.ldaptive.ConnectionFactory)2
RefreshScope (org.springframework.cloud.context.config.annotation.RefreshScope)1
Bean (org.springframework.context.annotation.Bean)1
