List of usage examples for org.springframework.security.ldap SpringSecurityLdapTemplate searchForSingleAttributeValues
public Set<String> searchForSingleAttributeValues(final String base, final String filter, final Object[] params, final String attributeName)
From source file:no.dusken.common.plugin.ldapplugin.auth.DuskenLdapAuthoritiesPopulator.java
/** * This method should be overridden if required to obtain any additional * roles for the given user (on top of those obtained from the standard * search implemented by this class).// w w w. j a v a 2s. co m * * @param user the context representing the user who's roles are required * @param username the username representing the user who's roles are required * @return the extra roles which will be merged with those returned by the group search */ @Override protected Set<GrantedAuthority> getAdditionalRoles(DirContextOperations user, String username) { // this is like "employeeNumber: 396" String employeeNumberString = user.getStringAttribute("employeeNumber"); // get the last number employeeNumberString = employeeNumberString.replaceFirst("employeeNumber: ", ""); Long employeeNumber = Long.parseLong(employeeNumberString); // I need this: SpringSecurityLdapTemplate ldapTemplate = new SpringSecurityLdapTemplate(getContextSource()); String groupSearchFilter = "memberID=" + employeeNumber; //noinspection unchecked Set<String> userRoles = ldapTemplate.searchForSingleAttributeValues(getGroupSearchBase(), groupSearchFilter, new String[] { user.getDn().toString(), username }, "roleName"); Set<GrantedAuthority> set = new HashSet<GrantedAuthority>(); for (String role : userRoles) { set.add(new GrantedAuthorityImpl("ROLE_" + role.toUpperCase().replaceAll(" ", "_"))); } return set; }
From source file:org.geoserver.security.ldap.BindingLdapAuthoritiesPopulator.java
public Set<GrantedAuthority> getGroupMembershipRoles(final DirContext ctx, String userDn, String username) { if (getGroupSearchBase() == null) { return new HashSet<GrantedAuthority>(); }/*from w w w . j a v a 2 s . co m*/ Set<GrantedAuthority> authorities = new HashSet<GrantedAuthority>(); if (logger.isDebugEnabled()) { logger.debug("Searching for roles for user '" + username + "', DN = " + "'" + userDn + "', with filter " + groupSearchFilter + " in search base '" + getGroupSearchBase() + "'"); } SpringSecurityLdapTemplate authTemplate; if (ctx == null) { authTemplate = ldapTemplate; } else { // if we have the authenticated context we build a new LdapTemplate // using it authTemplate = new SpringSecurityLdapTemplate(new ContextSource() { @Override public DirContext getReadOnlyContext() throws NamingException { return ctx; } @Override public DirContext getReadWriteContext() throws NamingException { return ctx; } @Override public DirContext getContext(String principal, String credentials) throws NamingException { return ctx; } }); } Set<String> userRoles = authTemplate.searchForSingleAttributeValues(getGroupSearchBase(), groupSearchFilter, new String[] { userDn, username }, groupRoleAttribute); if (logger.isDebugEnabled()) { logger.debug("Roles from search: " + userRoles); } for (String role : userRoles) { if (convertToUpperCase) { role = role.toUpperCase(); } authorities.add(new SimpleGrantedAuthority(rolePrefix + role)); } return authorities; }