com.atlassian.crowd.directory.ldap
Interface LDAPPropertiesMapper

All Known Implementing Classes:

LDAPPropertiesMapperImpl

public interface LDAPPropertiesMapper

Allows LDAP directory connectors to obtain LDAP settings, such as directory-specific names for RDNs.

Field Summary

static String	GROUP_DESCRIPTION_KEY Attribute key for the LDAP group description attribute.
static String	GROUP_DN_ADDITION Attribute key for the LDAP group base dn.
static String	GROUP_NAME_KEY Attribute key for the LDAP group name attribute.
static String	GROUP_OBJECTCLASS_KEY Attribute key for the LDAP group object class.
static String	GROUP_OBJECTFILTER_KEY Attribute key for the LDAP group object class.
static String	GROUP_USERNAMES_KEY Attribute key for the LDAP group membership attribute.
static String	LDAP_BASEDN_KEY Attribute key for the LDAP base DN.
static String	LDAP_CONNECTION_TIMEOUT Timeout stored in milliseconds when opening new server connections.
static String	LDAP_NESTED_GROUPS_DISABLED Key to fine whether or not we support nested groups for a given LDAP Directory
static String	LDAP_PAGEDRESULTS_KEY Attribute key for the LDAP paged results attribute.
static String	LDAP_PAGEDRESULTS_SIZE Attribute key for the LDAP paged results size attribute.
static String	LDAP_PASSWORD_KEY Attribute key for the LDAP password.
static String	LDAP_POOL_INITSIZE Initial size of connection pool, e.g.
static String	LDAP_POOL_MAXSIZE Maximum size of connection pool.
static String	LDAP_POOL_PREFSIZE Preferred size of connection pool.
static String	LDAP_POOL_TIMEOUT Idle time stored in milliseconds for a connection before it is removed from the pool.
static String	LDAP_POOLING_KEY Attribute key for connection pooling.
static String	LDAP_PROPOGATE_CHANGES Attribute key for the propagation of changes.
static String	LDAP_READ_TIMEOUT Timeout stored in milliseconds for search and other read operations.
static String	LDAP_REFERRAL_KEY Attribute key for the referral option.
static String	LDAP_RELAXED_DN_STANDARDISATION Key to decide whether we need full DN standardisation or can get away with faster, relaxed standardisation.
static String	LDAP_SEARCH_TIMELIMIT Time limit on searches stored in milliseconds.
static String	LDAP_SECURE_KEY Attribute key for the SSL required flag.
static String	LDAP_URL_KEY Attribute key for the LDAP url.
static String	LDAP_USER_ENCRYPTION_METHOD LDAP password encrypion algorithm, used for updating a Principal's password with the correct encryption algorithm
static String	LDAP_USERDN_KEY Attribute key for the LDAP user DN.
static String	LDAP_USING_USER_MEMBERSHIP_ATTRIBUTE Key to decide whether we use the "memberOf" attribute on a user when making queries.
static String	LDAP_USING_USER_MEMBERSHIP_ATTRIBUTE_FOR_GROUP_MEMBERSHIP Key to decide whether we use the "memberOf" attribute on a user when making queries.
static String	LOCAL_GROUPS Key to determine if using local storage for groups/group memberships.
static String	ROLE_DESCRIPTION_KEY Attribute key for the LDAP role description attribute.
static String	ROLE_DN_ADDITION Attribute key for the LDAP role base dn.
static String	ROLE_NAME_KEY Attribute key for the LDAP role name attribute.
static String	ROLE_OBJECTCLASS_KEY Attribute key for the LDAP role object class.
static String	ROLE_OBJECTFILTER_KEY Attribute key for the LDAP role object class.
static String	ROLE_USERNAMES_KEY Attribute key for the LDAP role membership attribute.
static String	ROLES_DISABLED If set, roles are disabled.
static String	USER_DISPLAYNAME_KEY Attribute key for the LDAP principal displayName (full name) attribute.
static String	USER_DN_ADDITION Attribute key for the LDAP principal base dn.
static String	USER_EMAIL_KEY Attribute key for the LDAP principal email attribute.
static String	USER_FIRSTNAME_KEY Attribute key for the LDAP principal lastname attribute.
static String	USER_GROUP_KEY Attribute key for the LDAP principal memberships attribute.
static String	USER_LASTNAME_KEY Attribute key for the LDAP principal firstname attribute.
static String	USER_OBJECTCLASS_KEY Attribute key for the LDAP principal object class.
static String	USER_OBJECTFILTER_KEY Attribute key for the LDAP role object class.
static String	USER_PASSWORD_KEY Attribute key for the LDAP principal password attribute.
static String	USER_USERNAME_KEY Attribute key for the LDAP principal name attribute.
static String	USER_USERNAME_RDN_KEY The name to be used when building a DN for the user.

Method Summary

String	getAttribute(String key)
Map<String,String>	getAttributes()
int	getCacheSynchroniseInterval() Returns the interval in seconds when the local Cache should be synchronized with LDAP.
Map<String,Properties>	getConfigurationDetails()
String	getConnectionURL()
Map<String,String>	getEnvironment()
String	getGroupDescriptionAttribute()
String	getGroupFilter()
String	getGroupMemberAttribute()
String	getGroupNameAttribute()
String	getGroupObjectClass()
Map<String,String>	getImplementations()
List<LdapTypeConfig>	getLdapTypeConfigurations() Get a list of Ldap Type Configuration objects.
String	getObjectClassAttribute()
int	getPagedResultsSize()
String	getPassword()
String	getRoleDescriptionAttribute() Deprecated.
String	getRoleFilter() Deprecated.
String	getRoleMemberAttribute() Deprecated.
String	getRoleNameAttribute() Deprecated.
String	getRoleObjectClass() Deprecated.
int	getSearchTimeLimit()
String	getUserDisplayNameAttribute()
String	getUserEmailAttribute()
String	getUserEncryptionMethod()
String	getUserFilter()
String	getUserFirstNameAttribute()
String	getUserGroupMembershipsAttribute() The attribute on a principal that specifies their group memberships (usually "memberOf").
String	getUserLastNameAttribute()
String	getUsername()
String	getUserNameAttribute()
String	getUserNameRdnAttribute()
String	getUserObjectClass()
String	getUserPasswordAttribute()
boolean	isLocalGroupsEnabled() Returns true if groups and group memberships are to be mutated only (created, updated, deleted) in local storage, otherwise the mutations will be propagated to the underlying LDAP implementation (full read-write LDAP groups).
boolean	isNestedGroupsDisabled()
boolean	isPagedResultsControl()
boolean	isReferral() Returns true if referrals should be followed.
boolean	isRelaxedDnStandardisation() Whether we should use the more expensive but completely cross-directory compatible method for standardising DNs when mapping object DNs and and memberDNs (value = false); or if we can use a more efficient but relaxed form of standardisation (value = true).
boolean	isRolesDisabled() Returns true if roles should be disabled, as in some caching setups.
boolean	isUsingUserMembershipAttribute() Whether we should use the "memberOf" (or equivalent) attribute in LDAP queries.
boolean	isUsingUserMembershipAttributeForGroupMembership() Whether we should use the "memberOf" (or equivalent) attribute when fetching the list of groups a user belongs to.
void	setAttributes(Map<String,String> attributes)

Field Detail

LDAP_URL_KEY

static final String LDAP_URL_KEY

Attribute key for the LDAP url.

See Also:

Constant Field Values

LDAP_SECURE_KEY

static final String LDAP_SECURE_KEY

Attribute key for the SSL required flag.

See Also:

Constant Field Values

LDAP_REFERRAL_KEY

static final String LDAP_REFERRAL_KEY

Attribute key for the referral option.

See Also:

Constant Field Values

LDAP_POOLING_KEY

static final String LDAP_POOLING_KEY

Attribute key for connection pooling.

See Also:

Constant Field Values

LDAP_BASEDN_KEY

static final String LDAP_BASEDN_KEY

Attribute key for the LDAP base DN.

See Also:

Constant Field Values

LDAP_USERDN_KEY

static final String LDAP_USERDN_KEY

Attribute key for the LDAP user DN.

See Also:

Constant Field Values

LDAP_PASSWORD_KEY

static final String LDAP_PASSWORD_KEY

Attribute key for the LDAP password.

See Also:

Constant Field Values

LDAP_PROPOGATE_CHANGES

static final String LDAP_PROPOGATE_CHANGES

Attribute key for the propagation of changes.

See Also:

Constant Field Values

GROUP_DN_ADDITION

static final String GROUP_DN_ADDITION

Attribute key for the LDAP group base dn.

See Also:

Constant Field Values

GROUP_DESCRIPTION_KEY

static final String GROUP_DESCRIPTION_KEY

Attribute key for the LDAP group description attribute.

See Also:

Constant Field Values

GROUP_NAME_KEY

static final String GROUP_NAME_KEY

Attribute key for the LDAP group name attribute.

See Also:

Constant Field Values

GROUP_OBJECTCLASS_KEY

static final String GROUP_OBJECTCLASS_KEY

Attribute key for the LDAP group object class.

See Also:

Constant Field Values

GROUP_OBJECTFILTER_KEY

static final String GROUP_OBJECTFILTER_KEY

Attribute key for the LDAP group object class.

See Also:

Constant Field Values

GROUP_USERNAMES_KEY

static final String GROUP_USERNAMES_KEY

Attribute key for the LDAP group membership attribute.

See Also:

Constant Field Values

ROLE_DN_ADDITION

static final String ROLE_DN_ADDITION

Attribute key for the LDAP role base dn.

See Also:

Constant Field Values

ROLE_DESCRIPTION_KEY

static final String ROLE_DESCRIPTION_KEY

Attribute key for the LDAP role description attribute.

See Also:

Constant Field Values

ROLE_NAME_KEY

static final String ROLE_NAME_KEY

Attribute key for the LDAP role name attribute.

See Also:

Constant Field Values

ROLE_OBJECTCLASS_KEY

static final String ROLE_OBJECTCLASS_KEY

Attribute key for the LDAP role object class.

See Also:

Constant Field Values

ROLE_OBJECTFILTER_KEY

static final String ROLE_OBJECTFILTER_KEY

Attribute key for the LDAP role object class.

See Also:

Constant Field Values

ROLE_USERNAMES_KEY

static final String ROLE_USERNAMES_KEY

Attribute key for the LDAP role membership attribute.

See Also:

Constant Field Values

USER_DN_ADDITION

static final String USER_DN_ADDITION

Attribute key for the LDAP principal base dn.

See Also:

Constant Field Values

USER_EMAIL_KEY

static final String USER_EMAIL_KEY

Attribute key for the LDAP principal email attribute.

See Also:

Constant Field Values

USER_FIRSTNAME_KEY

static final String USER_FIRSTNAME_KEY

Attribute key for the LDAP principal lastname attribute.

See Also:

Constant Field Values

USER_GROUP_KEY

static final String USER_GROUP_KEY

Attribute key for the LDAP principal memberships attribute.

See Also:

Constant Field Values

USER_LASTNAME_KEY

static final String USER_LASTNAME_KEY

Attribute key for the LDAP principal firstname attribute.

See Also:

Constant Field Values

USER_DISPLAYNAME_KEY

static final String USER_DISPLAYNAME_KEY

Attribute key for the LDAP principal displayName (full name) attribute.

See Also:

Constant Field Values

USER_OBJECTCLASS_KEY

static final String USER_OBJECTCLASS_KEY

Attribute key for the LDAP principal object class.

See Also:

Constant Field Values

USER_OBJECTFILTER_KEY

static final String USER_OBJECTFILTER_KEY

Attribute key for the LDAP role object class.

See Also:

Constant Field Values

USER_USERNAME_KEY

static final String USER_USERNAME_KEY

Attribute key for the LDAP principal name attribute.

See Also:

Constant Field Values

USER_USERNAME_RDN_KEY

static final String USER_USERNAME_RDN_KEY

The name to be used when building a DN for the user. In most cases this will be the same as {@see USER_USERNAME_KEY) but for Active Directory it's different. RDN = Relative Distinguished Name, or the part of the DN containing the username.

See Also:

Constant Field Values

USER_PASSWORD_KEY

static final String USER_PASSWORD_KEY

Attribute key for the LDAP principal password attribute.

See Also:

Constant Field Values

LDAP_PAGEDRESULTS_KEY

static final String LDAP_PAGEDRESULTS_KEY

Attribute key for the LDAP paged results attribute.

See Also:

Constant Field Values

LDAP_NESTED_GROUPS_DISABLED

static final String LDAP_NESTED_GROUPS_DISABLED

Key to fine whether or not we support nested groups for a given LDAP Directory

See Also:

Constant Field Values

LDAP_USING_USER_MEMBERSHIP_ATTRIBUTE

static final String LDAP_USING_USER_MEMBERSHIP_ATTRIBUTE

Key to decide whether we use the "memberOf" attribute on a user when making queries.

See Also:

Constant Field Values

LDAP_USING_USER_MEMBERSHIP_ATTRIBUTE_FOR_GROUP_MEMBERSHIP

static final String LDAP_USING_USER_MEMBERSHIP_ATTRIBUTE_FOR_GROUP_MEMBERSHIP

Key to decide whether we use the "memberOf" attribute on a user when making queries.

See Also:

Constant Field Values

LDAP_USER_ENCRYPTION_METHOD

static final String LDAP_USER_ENCRYPTION_METHOD

LDAP password encrypion algorithm, used for updating a Principal's password with the correct encryption algorithm

See Also:

Constant Field Values

LDAP_PAGEDRESULTS_SIZE

static final String LDAP_PAGEDRESULTS_SIZE

Attribute key for the LDAP paged results size attribute.

See Also:

Constant Field Values

LDAP_RELAXED_DN_STANDARDISATION

static final String LDAP_RELAXED_DN_STANDARDISATION

Key to decide whether we need full DN standardisation or can get away with faster, relaxed standardisation.

See Also:

Constant Field Values

ROLES_DISABLED

static final String ROLES_DISABLED

If set, roles are disabled. Needed for some event-based caching configurations.

See Also:

Constant Field Values

LOCAL_GROUPS

static final String LOCAL_GROUPS

Key to determine if using local storage for groups/group memberships.

See Also:

Constant Field Values

LDAP_POOL_INITSIZE

static final String LDAP_POOL_INITSIZE

Initial size of connection pool, e.g. number of connections to open at start-up. Default: 1

See Also:

Constant Field Values

LDAP_POOL_PREFSIZE

static final String LDAP_POOL_PREFSIZE

Preferred size of connection pool. Default: 10

See Also:

Constant Field Values

LDAP_POOL_MAXSIZE

static final String LDAP_POOL_MAXSIZE

Maximum size of connection pool. Zero means no maximum size. Default: 0

See Also:

Constant Field Values

LDAP_POOL_TIMEOUT

static final String LDAP_POOL_TIMEOUT

Idle time stored in milliseconds for a connection before it is removed from the pool. Default: 30 seconds (30000ms)

See Also:

Constant Field Values

LDAP_SEARCH_TIMELIMIT

static final String LDAP_SEARCH_TIMELIMIT

Time limit on searches stored in milliseconds. Zero means no limit. Default : 60 seconds (60000ms)

See Also:

Constant Field Values

LDAP_CONNECTION_TIMEOUT

static final String LDAP_CONNECTION_TIMEOUT

Timeout stored in milliseconds when opening new server connections. When connection pooling has been requested, this property also specifies the maximum wait time for a connection when all connections in pool are in use and the maximum pool size has been reached. Default: 0

See Also:

Constant Field Values

LDAP_READ_TIMEOUT

static final String LDAP_READ_TIMEOUT

Timeout stored in milliseconds for search and other read operations. Default: 120 seconds (120000ms)

Warning: CWD-2494: When read timeout is enabled, operations can fail randomly with "javax.naming.NamingException: LDAP response read timed out..." error message without waiting for the timeout to pass.

See Also:

Constant Field Values

Method Detail

getImplementations

Map<String,String> getImplementations()

getConfigurationDetails

Map<String,Properties> getConfigurationDetails()

getEnvironment

Map<String,String> getEnvironment()

getAttributes

Map<String,String> getAttributes()

setAttributes

void setAttributes(Map<String,String> attributes)

getAttribute

String getAttribute(String key)

getGroupFilter

String getGroupFilter()

getConnectionURL

String getConnectionURL()

getUsername

String getUsername()

getPassword

String getPassword()

getGroupNameAttribute

String getGroupNameAttribute()

getObjectClassAttribute

String getObjectClassAttribute()

getRoleFilter

@Deprecated
String getRoleFilter()

Deprecated.

getRoleNameAttribute

@Deprecated
String getRoleNameAttribute()

Deprecated.

getUserFilter

String getUserFilter()

getUserNameAttribute

String getUserNameAttribute()

getUserNameRdnAttribute

String getUserNameRdnAttribute()

getUserEmailAttribute

String getUserEmailAttribute()

getUserGroupMembershipsAttribute

String getUserGroupMembershipsAttribute()

The attribute on a principal that specifies their group memberships (usually "memberOf"). Not implemented by all directories.

Returns:

getGroupObjectClass

String getGroupObjectClass()

getGroupDescriptionAttribute

String getGroupDescriptionAttribute()

getGroupMemberAttribute

String getGroupMemberAttribute()

getRoleObjectClass

@Deprecated
String getRoleObjectClass()

Deprecated.

getRoleDescriptionAttribute

@Deprecated
String getRoleDescriptionAttribute()

Deprecated.

getRoleMemberAttribute

@Deprecated
String getRoleMemberAttribute()

Deprecated.

getUserObjectClass

String getUserObjectClass()

getUserFirstNameAttribute

String getUserFirstNameAttribute()

getUserLastNameAttribute

String getUserLastNameAttribute()

getUserDisplayNameAttribute

String getUserDisplayNameAttribute()

getUserPasswordAttribute

String getUserPasswordAttribute()

getUserEncryptionMethod

String getUserEncryptionMethod()

isPagedResultsControl

boolean isPagedResultsControl()

getPagedResultsSize

int getPagedResultsSize()

getSearchTimeLimit

int getSearchTimeLimit()

isNestedGroupsDisabled

boolean isNestedGroupsDisabled()

isUsingUserMembershipAttribute

boolean isUsingUserMembershipAttribute()

Whether we should use the "memberOf" (or equivalent) attribute in LDAP queries.

Returns:

isUsingUserMembershipAttributeForGroupMembership

boolean isUsingUserMembershipAttributeForGroupMembership()

Whether we should use the "memberOf" (or equivalent) attribute when fetching the list of groups a user belongs to.

Returns:

isReferral

boolean isReferral()

Returns true if referrals should be followed.

Returns:

true if referrals should be followed

isRelaxedDnStandardisation

boolean isRelaxedDnStandardisation()

Whether we should use the more expensive but completely cross-directory compatible method for standardising DNs when mapping object DNs and and memberDNs (value = false); or if we can use a more efficient but relaxed form of standardisation (value = true). See DNStandardiser for more information.

Returns:

false if proper standardisation is required.

isRolesDisabled

boolean isRolesDisabled()

Returns true if roles should be disabled, as in some caching setups. The grammatical atrocity that is the name of this method pains me more than you can imagine.

Returns:

isLocalGroupsEnabled

boolean isLocalGroupsEnabled()

Returns true if groups and group memberships are to be mutated only (created, updated, deleted) in local storage, otherwise the mutations will be propagated to the underlying LDAP implementation (full read-write LDAP groups).

Returns:

true if using local storage for groups and memberships

getCacheSynchroniseInterval

int getCacheSynchroniseInterval()

Returns the interval in seconds when the local Cache should be synchronized with LDAP.

Returns:

the interval in seconds when the local Cache should be synchronized with LDAP.

getLdapTypeConfigurations

List<LdapTypeConfig> getLdapTypeConfigurations()

Get a list of Ldap Type Configuration objects.

Returns:

List of LdapTypeConfigurations