Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.blojsom.authorization
Class LDAPAuthorizationProvider

java.lang.Object
  extended byorg.blojsom.authorization.PropertiesAuthorizationProvider
      extended byorg.blojsom.authorization.LDAPAuthorizationProvider
All Implemented Interfaces:
AuthorizationProvider, BlojsomConstants
public class LDAPAuthorizationProvider
extends PropertiesAuthorizationProvider
implements BlojsomConstants

LDAPAuthorizationProvider

This implementation authenticates a user against an LDAP server. The user name must be the same as that of their LDAP user (uid). There are two ways to configure this in terms of the accepted users. The first is where only the blog owner can edit the blog. To use this technique, delete the authorization.properties file from the user's blog directory. The lack of this file tells the authorization logic to use the blog owner as the UID for LDAP authentication. The second way provides multiple user editing of a blog. This second way utilizes the authorization.properties file's user names (it ignores passwords and other data). Incoming authorization requests have the user name checked to see if it is listed in the authorization.properties file (indicating a user who is allowed to edit this blog). If it is in the list, this username is used as the LDAP UID. This class/implementation requires LDAP protocol version 3. You must set the configuration values defined by the BlojsomConstants: BLOG_LDAP_AUTHORIZATION_SERVER_IP, BLOG_LDAP_AUTHORIZATION_DN_IP, and BLOG_LDAP_AUTHORIZATION_PORT_IP (optional).

Note, this implementation currently requires the Mozilla LDAP Java SDK. See http://www.mozilla.org/directory/.

Since:
blojsom 2.22
Version:
$Id: LDAPAuthorizationProvider.java,v 1.9 2006/04/24 16:52:13 czarneckid Exp $
Author:
Christopher Bailey

Field Summary
 
Fields inherited from class org.blojsom.authorization.PropertiesAuthorizationProvider
_baseConfigurationDirectory, _servletConfig
 
Fields inherited from interface org.blojsom.util.BlojsomConstants
ADMINISTRATORS_IP, BLOG_ADMIN_URL_IP, BLOG_ADMINISTRATION_LOCALE_IP, BLOG_AUTHORIZATION_IP, BLOG_BASE_URL_IP, BLOG_BLACKLIST_FILE_IP, BLOG_COMMENTS_DIRECTORY_IP, BLOG_COMMENTS_ENABLED_IP, BLOG_COUNTRY_DEFAULT, BLOG_COUNTRY_IP, BLOG_DEFAULT_CATEGORY_EXCLUSION_MAPPING_IP, BLOG_DEFAULT_CATEGORY_MAPPING_IP, BLOG_DEFAULT_FETCHER, BLOG_DEFAULT_FILE_EXTENSION_IP, BLOG_DEFAULT_FLAVOR_IP, BLOG_DEFAULT_PROPERTIES, BLOG_DEPTH_IP, BLOG_DESCRIPTION_IP, BLOG_DIRECTORY_FILTER_IP, BLOG_EMAIL_ENABLED_IP, BLOG_ENTRIES_DISPLAY_DEFAULT, BLOG_ENTRIES_DISPLAY_IP, BLOG_ENTRY_META_DATA_EXTENSION_IP, BLOG_FILE_ENCODING_IP, BLOG_FILE_EXTENSIONS_IP, BLOG_HOME_IP, BLOG_LANGUAGE_DEFAULT, BLOG_LANGUAGE_IP, BLOG_NAME_IP, BLOG_OWNER, BLOG_OWNER_EMAIL, BLOG_PERMISSIONS_IP, BLOG_PINGBACKS_DIRECTORY_IP, BLOG_PINGBACKS_ENABLED_IP, BLOG_PROPERTIES_EXTENSIONS_IP, BLOG_TRACKBACK_DIRECTORY_IP, BLOG_TRACKBACKS_ENABLED_IP, BLOG_URL_IP, BLOJSOM_ALL_CATEGORIES, BLOJSOM_AUTHORIZATION_PROVIDER_IP, BLOJSOM_BLOG, BLOJSOM_BLOG_HOME_IP, BLOJSOM_BROADCASTER_IP, BLOJSOM_CATEGORIES, BLOJSOM_COMMENTS_ENABLED, BLOJSOM_CONFIGURATION_BASE_DIRECTORY_IP, BLOJSOM_CONFIGURATION_IP, BLOJSOM_DATE, BLOJSOM_DATE_ISO8601, BLOJSOM_DATE_OBJECT, BLOJSOM_DATE_UTC, BLOJSOM_DEFAULT_BROADCASTER, BLOJSOM_DEFAULT_CONFIGURATION_BASE_DIRECTORY, BLOJSOM_DEFAULT_RESOURCE_DIRECTORY, BLOJSOM_DEFAULT_RESOURCE_MANAGER, BLOJSOM_DEFAULT_TEMPLATES_DIRECTORY, BLOJSOM_DEFAULT_USER_IP, BLOJSOM_EMAIL_ENABLED, BLOJSOM_ENTRIES, BLOJSOM_FETCHER_IP, BLOJSOM_FLAVOR_CONFIGURATION_IP, BLOJSOM_INSTALLATION_DIRECTORY_IP, BLOJSOM_INSTALLED_LOCALES_IP, BLOJSOM_LAST_MODIFIED, BLOJSOM_LISTENER_CONFIGURATION_IP, BLOJSOM_PERMALINK, BLOJSOM_PERMALINK_NEXT_ENTRY, BLOJSOM_PERMALINK_PREVIOUS_ENTRY, BLOJSOM_PLUGIN_CHAIN, BLOJSOM_PLUGIN_CONFIGURATION_IP, BLOJSOM_PLUGINS, BLOJSOM_REQUESTED_CATEGORY, BLOJSOM_REQUESTED_FLAVOR, BLOJSOM_RESOURCE_DIRECTORY_IP, BLOJSOM_RESOURCE_MANAGER_BUNDLES_IP, BLOJSOM_RESOURCE_MANAGER_CONTEXT_KEY, BLOJSOM_RESOURCE_MANAGER_IP, BLOJSOM_SITE_URL, BLOJSOM_TEMPLATES_DIRECTORY_IP, BLOJSOM_USER, BLOJSOM_USERS_IP, BLOJSOM_VERSION, BLOJSOM_VERSION_NUMBER, CACHE_CONTROL_HTTP_HEADER, CATEGORY_PARAM, COMMENT_EXTENSION, DEFAULT_AUTHORIZATION_PROVIDER, DEFAULT_COMMENTS_DIRECTORY, DEFAULT_DIGEST_ALGORITHM, DEFAULT_DISPATCHER_CONFIGURATION_FILE, DEFAULT_ENTRY_EXTENSION, DEFAULT_FLAVOR_CONFIGURATION_FILE, DEFAULT_FLAVOR_HTML, DEFAULT_METADATA_EXTENSION, DEFAULT_PERMISSIONS_CONFIGURATION_FILE, DEFAULT_PINGBACKS_DIRECTORY, DEFAULT_PLUGIN_CONFIGURATION_FILE, DEFAULT_PROPERTIES_EXTENSIONS, DEFAULT_TRACKBACK_DIRECTORY, DESCRIPTION_KEY, DIGEST_ALGORITHM, FLAVOR_PARAM, HTTP_ETAG, HTTP_LASTMODIFIED, INFINITE_BLOG_DEPTH, ISO_8601_DATE_FORMAT, LINE_SEPARATOR, LINEAR_NAVIGATION_ENABLED_IP, MAX_HASHABLE_LENGTH, NAME_KEY, NO_CACHE_HTTP_HEADER_VALUE, OVERRIDE_LASTMODIFIED_PARAM, PAGE_PARAM, PAGE_PARAM_ARCHIVE, PERMALINK_PARAM, PINGBACK_EXTENSION, PLUGINS_PARAM, PRAGMA_HTTP_HEADER, PREFERRED_SYNDICATION_FLAVOR, RECURSIVE_CATEGORIES, REDIRECT_TO_PARAM, RFC_822_DATE_FORMAT, SHORT_ISO_8601_DATE_FORMAT, TRACKBACK_EXTENSION, USE_ENCRYPTED_PASSWORDS, UTC_DATE_FORMAT, UTF8, WHITESPACE, XMLRPC_ENABLED_IP
 
Constructor Summary
LDAPAuthorizationProvider()
          Default constructor
 
Method Summary
 void authorize(BlogUser blogUser, java.util.Map authorizationContext, java.lang.String username, java.lang.String password)
          Authorize a username and password for the given BlogUser
protected  java.lang.String getBaseDN()
          Return the LDAP base DN
protected  java.lang.String getDN(java.lang.String username)
          Get the DN for a given username
protected  int getPort()
          Return the LDAP server port
protected  java.lang.String getServer()
          Return the LDAP server name
 void init(javax.servlet.ServletConfig servletConfig, BlojsomConfiguration blojsomConfiguration)
          Initialization method for the authorization provider
 void loadAuthenticationCredentials(BlogUser blogUser)
          Loads/configures the authentication credentials for a given blog.
 
Methods inherited from class org.blojsom.authorization.PropertiesAuthorizationProvider
checkPermission
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

LDAPAuthorizationProvider

public LDAPAuthorizationProvider()
Default constructor

Method Detail

init

public void init(javax.servlet.ServletConfig servletConfig,
                 BlojsomConfiguration blojsomConfiguration)
          throws BlojsomConfigurationException
Initialization method for the authorization provider

Specified by:
init in interface AuthorizationProvider
Overrides:
init in class PropertiesAuthorizationProvider
Parameters:
servletConfig - ServletConfig for obtaining any initialization parameters
blojsomConfiguration - BlojsomConfiguration for blojsom-specific configuration information
Throws:
BlojsomConfigurationException - If there is an error initializing the provider

loadAuthenticationCredentials

public void loadAuthenticationCredentials(BlogUser blogUser)
                                   throws BlojsomException
Loads/configures the authentication credentials for a given blog.

Specified by:
loadAuthenticationCredentials in interface AuthorizationProvider
Overrides:
loadAuthenticationCredentials in class PropertiesAuthorizationProvider
Parameters:
blogUser - BlogUser
Throws:
BlojsomException - If there is an error loading the user's authentication credentials

authorize

public void authorize(BlogUser blogUser,
                      java.util.Map authorizationContext,
                      java.lang.String username,
                      java.lang.String password)
               throws BlojsomException
Authorize a username and password for the given BlogUser

Specified by:
authorize in interface AuthorizationProvider
Overrides:
authorize in class PropertiesAuthorizationProvider
Parameters:
blogUser - BlogUser
authorizationContext - Map to be used to provide other information for authorization. This will change depending on the authorization provider. This parameter is not used in this implementation.
username - Username. In this implementation, this value must match that of the blog user's ID.
password - Password
Throws:
BlojsomException - If there is an error authorizing the username and password

getDN

protected java.lang.String getDN(java.lang.String username)
Get the DN for a given username

Parameters:
username - Username
Returns:
DN for a given username or null if there is an exception in lookup

getServer

protected java.lang.String getServer()
Return the LDAP server name

Returns:
LDAP server name

getPort

protected int getPort()
Return the LDAP server port

Returns:
LDAP server port

getBaseDN

protected java.lang.String getBaseDN()
Return the LDAP base DN

Returns:
LDAP base DN
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD