public class SpringLdapTemplateWrapper extends Object
Wrap an LdapTemplate
and perform all operations with the context
ClassLoader set to this class's ClassLoader.
com.sun.naming.internal.NamingManager
uses the context
ClassLoader so, without this wrapper, calls that originate from plugins and
end up using LDAP will fail when they can't see the Spring LDAP
implementation classes.
Also logs how long the ldap query took, at DEBUG
level for all queries, or at
INFO
level if the query's duration exceeds a threshold (default 1 second),
settable by com.atlassian.crowd.ldap.log.wait.threshold
.
This class is the blessed way to interact with LDAP. LdapTemplate should not be used directly,
as this could open us up to an LDAP object injection vulnerability (see CWD-4754). This class calls very specific
methods of LdapTemplate in order to avoid manipulation of the SearchControls
. LdapTemplate can set the
returnObj
flag in the SearchControls to true before executing the search, opening us up to that very
vulnerability. Care should be taken when upgrading Spring LDAP to ensure that the search methods called still behave
the same.
As a safety net around providing SearchControls with the returningObj
flag set to false, the search methods
of this class will throw an IllegalArgumentException
if the search controls provided had the said flag set to
true.
Constructor and Description |
---|
SpringLdapTemplateWrapper(org.springframework.ldap.core.LdapTemplate template) |
Modifier and Type | Method and Description |
---|---|
void |
bind(Name dn,
Object obj,
Attributes attributes) |
<T> T |
lookup(LdapName dn,
ContextMapperWithRequiredAttributes<T> mapper) |
void |
lookup(LdapName dn,
String[] attributes,
org.springframework.ldap.core.AttributesMapper mapper) |
Object |
lookup(Name dn) |
void |
modifyAttributes(Name dn,
ModificationItem[] mods) |
void |
rename(String oldDn,
String newDn) |
void |
search(Name base,
String filter,
SearchControls controls,
AttributeToContextCallbackHandler handler,
org.springframework.ldap.core.DirContextProcessor processor) |
List |
search(Name base,
String filter,
SearchControls controls,
org.springframework.ldap.core.ContextMapper mapper) |
List |
search(Name base,
String filter,
SearchControls controls,
org.springframework.ldap.core.ContextMapper mapper,
org.springframework.ldap.core.DirContextProcessor processor) |
List |
searchWithLimitedResults(Name baseDN,
String filter,
SearchControls searchControls,
org.springframework.ldap.core.ContextMapper contextMapper,
org.springframework.ldap.core.DirContextProcessor processor,
int limit) |
void |
setIgnorePartialResultException(boolean ignore) |
void |
unbind(Name dn) |
public SpringLdapTemplateWrapper(org.springframework.ldap.core.LdapTemplate template)
public List search(Name base, String filter, SearchControls controls, org.springframework.ldap.core.ContextMapper mapper)
public List search(Name base, String filter, SearchControls controls, org.springframework.ldap.core.ContextMapper mapper, org.springframework.ldap.core.DirContextProcessor processor)
public void search(Name base, String filter, SearchControls controls, AttributeToContextCallbackHandler handler, org.springframework.ldap.core.DirContextProcessor processor)
public void unbind(Name dn)
public void bind(Name dn, Object obj, Attributes attributes)
public void modifyAttributes(Name dn, ModificationItem[] mods)
public void lookup(LdapName dn, String[] attributes, org.springframework.ldap.core.AttributesMapper mapper)
public <T> T lookup(LdapName dn, ContextMapperWithRequiredAttributes<T> mapper)
public void setIgnorePartialResultException(boolean ignore)
public List searchWithLimitedResults(Name baseDN, String filter, SearchControls searchControls, org.springframework.ldap.core.ContextMapper contextMapper, org.springframework.ldap.core.DirContextProcessor processor, int limit)
Copyright © 2021 Atlassian. All rights reserved.