com.atlassian.crowd.integration.directory.delegated
Class DelegatedAuthenticationDirectory

java.lang.Object
  com.atlassian.crowd.integration.model.DirectoryEntity
      com.atlassian.crowd.integration.directory.internal.InternalDirectory
          com.atlassian.crowd.integration.directory.delegated.DelegatedAuthenticationDirectory

All Implemented Interfaces:

BatchingRemoteDirectory, RemoteDirectory, NamedEntity, java.io.Serializable, java.lang.Comparable<DirectoryEntity>

public class DelegatedAuthenticationDirectory
extends InternalDirectory

This implementation of a RemoteDirectory provides delegated authentication to an underlying remote LDAP implementation.

In essence this means that a Principal's groups and roles are managed internally to Crowd, but all actions regarding authentication are delegated to the remote directory.

See Also:

Serialized Form

Field Summary

static java.lang.String

DELEGATED_DIRECTORY_TYPE

Fields inherited from class com.atlassian.crowd.integration.directory.internal.InternalDirectory

ATTRIBUTE_PASSWORD_HISTORY_COUNT, ATTRIBUTE_PASSWORD_MAX_ATTEMPTS, ATTRIBUTE_PASSWORD_MAX_CHANGE_TIME, ATTRIBUTE_PASSWORD_REGEX, ATTRIBUTE_USER_ENCRYPTION_METHOD, NAME

Fields inherited from class com.atlassian.crowd.integration.model.DirectoryEntity

active, attributes, conception, description, directoryID, ID, lastModified, name

Constructor Summary

DelegatedAuthenticationDirectory()

Method Summary

RemotePrincipal	addPrincipal(RemotePrincipal principal) Adds a principal to the directory store.
void	addPrincipalToGroup(java.lang.String principalName, java.lang.String groupName) Adds a principal to a group.
void	addPrincipalToRole(java.lang.String principalName, java.lang.String roleName) Adds a principal to a role.
RemotePrincipal	authenticate(java.lang.String name, PasswordCredential[] credentials) Authenticates a principal verses the directory store.
protected void	encryptCredentials(java.util.List credentials)
java.util.List<RemoteGroup>	findGroupMemberships(java.lang.String principalName) Returns a list of groups that a principal is a member of.
RemotePrincipal	findPrincipalByName(java.lang.String principalName) Finds the principal that matches the supplied name.
java.util.List<RemoteRole>	findRoleMemberships(java.lang.String principalName) Returns a list of roles that a principal is a member of.
protected RemoteDirectory	getDelegatedDirectory()
java.lang.String	getDirectoryType() Returns the name of the type of directory.
boolean	isGroupMember(java.lang.String group, java.lang.String principalName) Checks if a principal is a direct OR nested member of a group.
boolean	isRoleMember(java.lang.String roleName, java.lang.String principalName) Checks if a principal is a member of a role.
void	removePrincipal(java.lang.String principalName) Removes the principal that matches the supplied name.
void	removePrincipalFromGroup(java.lang.String principalName, java.lang.String groupName) Removes a principal from a group.
void	removePrincipalFromRole(java.lang.String principalName, java.lang.String roleName) Removes a principal from a role.
java.util.List<RemotePrincipal>	searchPrincipals(SearchContext searchContext) Search for all principals who match the supplied search criteria.
void	setDirectoryInstanceLoader(DirectoryInstanceLoader directoryInstanceLoader)
void	setI18nHelper(I18nHelper i18nHelper)
void	testConnection() Test if a connection to the directory server can be established.
RemotePrincipal	updatePrincipal(RemotePrincipal principal) Updates the principal by the name attribute.
void	updatePrincipalCredential(java.lang.String principalName, PasswordCredential credential) Updates the password credential for a principal.
protected void	validateRegex(PasswordCredential credential)

Methods inherited from class com.atlassian.crowd.integration.directory.internal.InternalDirectory

addAllGroups, addAllPrincipals, addAllPrincipalsToGroup, addAllPrincipalsToRole, addAllRoles, addGroup, addGroupToGroup, addRole, currentPrincipalInvalidPasswordAttempts, findAllGroupMembers, findAllRoleMembers, findGroupByName, findGroupByName, findGroupsByNames, findPrincipalsByNames, findRoleByName, findRolesByNames, getDirectoryID, getUserEncryptionMethod, isDirectGroupMember, removeGroup, removeGroupFromGroup, removeRole, requiresPasswordChange, searchGroups, searchRoles, setDirectoryDAO, setDirectoryID, setGroupDAO, setGroupMembershipDAO, setPasswordEncoderFactory, setPasswordHelper, setPrincipalDAO, setRoleDAO, setRoleMembershipDAO, setUserEncryptionMethod, supportsNestedGroups, updateGroup, updateRole

Methods inherited from class com.atlassian.crowd.integration.model.DirectoryEntity

compareTo, equals, getAttribute, getAttributeBooleanValue, getAttributes, getConception, getDescription, getID, getLastModified, getName, getSingleAttributeLongValue, getSingleAttributeValue, hashCode, isActive, setActive, setAttribute, setAttributes, setConception, setDescription, setID, setLastModified, setName, setOrReplaceAttribute, setOrReplaceAttribute, toString

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Methods inherited from interface com.atlassian.crowd.integration.directory.RemoteDirectory

getAttributes, getID, setAttributes, setID

Field Detail

DELEGATED_DIRECTORY_TYPE

public static final java.lang.String DELEGATED_DIRECTORY_TYPE

See Also:

Constant Field Values

Constructor Detail

DelegatedAuthenticationDirectory

public DelegatedAuthenticationDirectory()

Method Detail

addPrincipal

public RemotePrincipal addPrincipal(RemotePrincipal principal)
                             throws InvalidPrincipalException,
                                    InvalidCredentialException

Description copied from interface: RemoteDirectory

Adds a principal to the directory store.

Specified by:

addPrincipal in interface RemoteDirectory

Overrides:

addPrincipal in class InternalDirectory

Parameters:

principal - The principal to add.

Returns:

The principal with any updated attributes.

Throws:

InvalidPrincipalException - The supplied principal is invalid.

InvalidCredentialException - The supplied credential(s) are invalid.

authenticate

public RemotePrincipal authenticate(java.lang.String name,
                                    PasswordCredential[] credentials)
                             throws java.rmi.RemoteException,
                                    InvalidPrincipalException,
                                    InactiveAccountException,
                                    InvalidAuthenticationException

Description copied from interface: RemoteDirectory

Authenticates a principal verses the directory store.

Specified by:

authenticate in interface RemoteDirectory

Overrides:

authenticate in class InternalDirectory

Parameters:

name - The name of the principal.

credentials - The supplied credentials.

Returns:

The populated principal if the authentication is valid.

Throws:

java.rmi.RemoteException - There was a problem with the directory.

InvalidPrincipalException - The supplied principal is invalid.

InactiveAccountException - The supplied principal is inactive.

InvalidAuthenticationException - The supplied authentication is invalid.

isGroupMember

public boolean isGroupMember(java.lang.String group,
                             java.lang.String principalName)
                      throws ObjectNotFoundException

Description copied from interface: RemoteDirectory

Checks if a principal is a direct OR nested member of a group.

Specified by:

isGroupMember in interface RemoteDirectory

Overrides:

isGroupMember in class InternalDirectory

Parameters:

group - The group name.

principalName - The principal name.

Returns:

true if and only if the principal is a member of the group, otherwise false.

Throws:

ObjectNotFoundException - If the group or principal cannot be found

searchPrincipals

public java.util.List<RemotePrincipal> searchPrincipals(SearchContext searchContext)
                                                 throws InvalidSearchTermException

Description copied from interface: RemoteDirectory

Search for all principals who match the supplied search criteria.

Specified by:

searchPrincipals in interface RemoteDirectory

Overrides:

searchPrincipals in class InternalDirectory

Parameters:

searchContext - The search criteria.

Returns:

The search results.

Throws:

InvalidSearchTermException - The search terms provided were invalid

findPrincipalByName

public RemotePrincipal findPrincipalByName(java.lang.String principalName)
                                    throws ObjectNotFoundException

Description copied from interface: RemoteDirectory

Finds the principal that matches the supplied name.

Specified by:

findPrincipalByName in interface RemoteDirectory

Overrides:

findPrincipalByName in class InternalDirectory

Parameters:

principalName - The name of the principal.

Returns:

The populated principal.

Throws:

ObjectNotFoundException - The principal does not exist.

updatePrincipal

public RemotePrincipal updatePrincipal(RemotePrincipal principal)
                                throws ObjectNotFoundException

Description copied from interface: RemoteDirectory

Updates the principal by the name attribute.

Specified by:

updatePrincipal in interface RemoteDirectory

Overrides:

updatePrincipal in class InternalDirectory

Parameters:

principal - The principal to update.

Returns:

The populated principal.

Throws:

ObjectNotFoundException - The principal does not exist.

addPrincipalToGroup

public void addPrincipalToGroup(java.lang.String principalName,
                                java.lang.String groupName)
                         throws ObjectNotFoundException

Description copied from interface: RemoteDirectory

Adds a principal to a group.

Specified by:

addPrincipalToGroup in interface RemoteDirectory

Overrides:

addPrincipalToGroup in class InternalDirectory

Parameters:

principalName - The name of the principal.

groupName - The name of the group.

Throws:

ObjectNotFoundException - if principal or group cannot be found.

removePrincipalFromGroup

public void removePrincipalFromGroup(java.lang.String principalName,
                                     java.lang.String groupName)
                              throws ObjectNotFoundException

Description copied from interface: RemoteDirectory

Removes a principal from a group.

Specified by:

removePrincipalFromGroup in interface RemoteDirectory

Overrides:

removePrincipalFromGroup in class InternalDirectory

Parameters:

principalName - The name of the principal.

groupName - The name of the group.

Throws:

ObjectNotFoundException - if principal or group cannot be found.

addPrincipalToRole

public void addPrincipalToRole(java.lang.String principalName,
                               java.lang.String roleName)
                        throws ObjectNotFoundException

Description copied from interface: RemoteDirectory

Adds a principal to a role.

Specified by:

addPrincipalToRole in interface RemoteDirectory

Overrides:

addPrincipalToRole in class InternalDirectory

Parameters:

principalName - The name of the principal.

roleName - The name of the role.

Throws:

ObjectNotFoundException - if principal or role cannot be found.

removePrincipalFromRole

public void removePrincipalFromRole(java.lang.String principalName,
                                    java.lang.String roleName)
                             throws ObjectNotFoundException

Description copied from interface: RemoteDirectory

Removes a principal from a role.

Specified by:

removePrincipalFromRole in interface RemoteDirectory

Overrides:

removePrincipalFromRole in class InternalDirectory

Parameters:

principalName - The name of the principal.

roleName - The name of the role.

Throws:

ObjectNotFoundException - if principal or role cannot be found.

removePrincipal

public void removePrincipal(java.lang.String principalName)
                     throws ObjectNotFoundException

Description copied from interface: RemoteDirectory

Removes the principal that matches the supplied name.

Specified by:

removePrincipal in interface RemoteDirectory

Overrides:

removePrincipal in class InternalDirectory

Parameters:

principalName - The name of the principal.

Throws:

ObjectNotFoundException - The principal does not exist.

updatePrincipalCredential

public void updatePrincipalCredential(java.lang.String principalName,
                                      PasswordCredential credential)
                               throws ObjectNotFoundException,
                                      InvalidCredentialException

Description copied from interface: RemoteDirectory

Updates the password credential for a principal.

Specified by:

updatePrincipalCredential in interface RemoteDirectory

Overrides:

updatePrincipalCredential in class InternalDirectory

Parameters:

principalName - The name of the principal.

credential - The new credential.

Throws:

ObjectNotFoundException - The principal does not exist.

InvalidCredentialException - The supplied credential is invalid.

testConnection

public void testConnection()
                    throws java.rmi.RemoteException

Description copied from interface: RemoteDirectory

Test if a connection to the directory server can be established.

Specified by:

testConnection in interface RemoteDirectory

Overrides:

testConnection in class InternalDirectory

Throws:

java.rmi.RemoteException - An unknown wire exception occurred.

isRoleMember

public boolean isRoleMember(java.lang.String roleName,
                            java.lang.String principalName)
                     throws ObjectNotFoundException

Description copied from interface: RemoteDirectory

Checks if a principal is a member of a role.

Specified by:

isRoleMember in interface RemoteDirectory

Overrides:

isRoleMember in class InternalDirectory

Parameters:

roleName - The group name.

principalName - The principal name.

Returns:

true if and only if the principal is a member of the role, otherwise false.

Throws:

ObjectNotFoundException - If the role or the principal don't exist

findGroupMemberships

public java.util.List<RemoteGroup> findGroupMemberships(java.lang.String principalName)
                                                 throws ObjectNotFoundException

Description copied from interface: RemoteDirectory

Returns a list of groups that a principal is a member of. NOTE: only returns direct group memberships, NOT nested memberships.

Specified by:

findGroupMemberships in interface RemoteDirectory

Overrides:

findGroupMemberships in class InternalDirectory

Parameters:

principalName - name of the principal.

Returns:

List of groups.

Throws:

ObjectNotFoundException - if principal cannot be found.

findRoleMemberships

public java.util.List<RemoteRole> findRoleMemberships(java.lang.String principalName)
                                               throws ObjectNotFoundException

Description copied from interface: RemoteDirectory

Returns a list of roles that a principal is a member of.

Specified by:

findRoleMemberships in interface RemoteDirectory

Overrides:

findRoleMemberships in class InternalDirectory

Parameters:

principalName - name of the principal.

Returns:

List of roles.

Throws:

ObjectNotFoundException - if principal cannot be found.

encryptCredentials

protected void encryptCredentials(java.util.List credentials)

Overrides:

encryptCredentials in class InternalDirectory

validateRegex

protected void validateRegex(PasswordCredential credential)
                      throws InvalidCredentialException

Overrides:

validateRegex in class InternalDirectory

Throws:

InvalidCredentialException

getDelegatedDirectory

protected RemoteDirectory getDelegatedDirectory()
                                         throws DirectoryInstantiationException

Throws:

DirectoryInstantiationException

getDirectoryType

public java.lang.String getDirectoryType()

Description copied from interface: RemoteDirectory

Returns the name of the type of directory.

Specified by:

getDirectoryType in interface RemoteDirectory

Overrides:

getDirectoryType in class InternalDirectory

Returns:

directory type.

setDirectoryInstanceLoader

public void setDirectoryInstanceLoader(DirectoryInstanceLoader directoryInstanceLoader)

setI18nHelper

public void setI18nHelper(I18nHelper i18nHelper)