org.apache.hadoop.gateway.shirorealm

Class KnoxLdapRealm

java.lang.Object

org.apache.shiro.realm.CachingRealm

org.apache.shiro.realm.AuthenticatingRealm

org.apache.shiro.realm.AuthorizingRealm

org.apache.shiro.realm.ldap.DefaultLdapRealm

org.apache.knox.gateway.shirorealm.KnoxLdapRealm

org.apache.hadoop.gateway.shirorealm.KnoxLdapRealm

All Implemented Interfaces:

org.apache.shiro.authc.LogoutAware, org.apache.shiro.authz.Authorizer, org.apache.shiro.authz.permission.PermissionResolverAware, org.apache.shiro.authz.permission.RolePermissionResolverAware, org.apache.shiro.cache.CacheManagerAware, org.apache.shiro.realm.Realm, org.apache.shiro.util.Initializable, org.apache.shiro.util.Nameable

Deprecated.

Use KnoxLdapRealm

@Deprecated
public class KnoxLdapRealm
extends KnoxLdapRealm

An adapter class that delegate calls to KnoxLdapRealm for backwards compatibility with package structure.

Since:

0.14.0

Constructor Summary

Constructors

Constructor and Description
KnoxLdapRealm() Deprecated.

Method Summary

Modifier and Type	Method and Description
protected org.apache.shiro.authc.AuthenticationInfo	createAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken token, Object ldapPrincipal, Object ldapCredentials, LdapContext ldapContext) Deprecated.
protected org.apache.shiro.authc.AuthenticationInfo	doGetAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken token) Deprecated.
protected String	getUserDn(String principal) Deprecated. Returns the LDAP User Distinguished Name (DN) to use when acquiring an LdapContext from the LdapContextFactory.
protected org.apache.shiro.authz.AuthorizationInfo	queryForAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection principals, org.apache.shiro.realm.ldap.LdapContextFactory ldapContextFactory) Deprecated. Get groups from LDAP.

Methods inherited from class org.apache.knox.gateway.shirorealm.KnoxLdapRealm

getGroupIdAttribute, getGroupObjectClass, getGroupSearchBase, getMemberAttribute, getPrincipalRegex, getSearchBase, getUserObjectClass, getUserSearchAttributeName, getUserSearchAttributeTemplate, getUserSearchBase, getUserSearchFilter, getUserSearchScope, isAuthorizationEnabled, setAuthorizationEnabled, setGroupIdAttribute, setGroupObjectClass, setGroupSearchBase, setMemberAttribute, setMemberAttributeValueTemplate, setPermissionsByRole, setPrincipalRegex, setRolesByGroup, setSearchBase, setUserDnTemplate, setUserObjectClass, setUserSearchAttributeName, setUserSearchAttributeTemplate, setUserSearchBase, setUserSearchFilter, setUserSearchScope

Methods inherited from class org.apache.shiro.realm.ldap.DefaultLdapRealm

doGetAuthorizationInfo, getContextFactory, getLdapPrincipal, getUserDnPrefix, getUserDnSuffix, getUserDnTemplate, queryForAuthenticationInfo, setContextFactory

Methods inherited from class org.apache.shiro.realm.AuthorizingRealm

afterCacheManagerSet, checkPermission, checkPermission, checkPermission, checkPermissions, checkPermissions, checkPermissions, checkRole, checkRole, checkRoles, checkRoles, checkRoles, clearCachedAuthorizationInfo, doClearCache, getAuthorizationCache, getAuthorizationCacheKey, getAuthorizationCacheName, getAuthorizationInfo, getPermissionResolver, getPermissions, getRolePermissionResolver, hasAllRoles, hasRole, hasRole, hasRoles, hasRoles, isAuthorizationCachingEnabled, isPermitted, isPermitted, isPermitted, isPermitted, isPermitted, isPermitted, isPermittedAll, isPermittedAll, isPermittedAll, onInit, setAuthorizationCache, setAuthorizationCacheName, setAuthorizationCachingEnabled, setName, setPermissionResolver, setRolePermissionResolver

Methods inherited from class org.apache.shiro.realm.AuthenticatingRealm

assertCredentialsMatch, clearCachedAuthenticationInfo, getAuthenticationCache, getAuthenticationCacheKey, getAuthenticationCacheKey, getAuthenticationCacheName, getAuthenticationInfo, getAuthenticationTokenClass, getCredentialsMatcher, init, isAuthenticationCachingEnabled, isAuthenticationCachingEnabled, setAuthenticationCache, setAuthenticationCacheName, setAuthenticationCachingEnabled, setAuthenticationTokenClass, setCredentialsMatcher, supports

Methods inherited from class org.apache.shiro.realm.CachingRealm

clearCache, getAvailablePrincipal, getCacheManager, getName, isCachingEnabled, onLogout, setCacheManager, setCachingEnabled

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.apache.shiro.util.Initializable

init

Constructor Detail

KnoxLdapRealm

public KnoxLdapRealm()

Deprecated.

Method Detail

doGetAuthenticationInfo

protected org.apache.shiro.authc.AuthenticationInfo doGetAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken token)
                                                                     throws org.apache.shiro.authc.AuthenticationException

Deprecated.

Overrides:

doGetAuthenticationInfo in class KnoxLdapRealm

Throws:

org.apache.shiro.authc.AuthenticationException

queryForAuthorizationInfo

protected org.apache.shiro.authz.AuthorizationInfo queryForAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection principals,
                                                                             org.apache.shiro.realm.ldap.LdapContextFactory ldapContextFactory)
                                                                      throws NamingException

Deprecated.

Get groups from LDAP.

Overrides:

queryForAuthorizationInfo in class KnoxLdapRealm

Parameters:

principals - the principals of the Subject whose AuthenticationInfo should be queried from the LDAP server.

ldapContextFactory - factory used to retrieve LDAP connections.

Returns:

an AuthorizationInfo instance containing information retrieved from the LDAP server.

Throws:

NamingException - if any LDAP errors occur during the search.

getUserDn

protected String getUserDn(String principal)
                    throws IllegalArgumentException,
                           IllegalStateException

Deprecated.

Returns the LDAP User Distinguished Name (DN) to use when acquiring an LdapContext from the LdapContextFactory. If the the userDnTemplate property has been set, this implementation will construct the User DN by substituting the specified principal into the configured template. If the userDnTemplate has not been set, the method argument will be returned directly (indicating that the submitted authentication token principal is the User DN).

Overrides:

getUserDn in class KnoxLdapRealm

Parameters:

principal - the principal to substitute into the configured userDnTemplate.

Returns:

the constructed User DN to use at runtime when acquiring an LdapContext.

Throws:

IllegalArgumentException - if the method argument is null or empty

IllegalStateException - if the userDnTemplate has not been set.

See Also:

LdapContextFactory.getLdapContext(Object, Object)

createAuthenticationInfo

protected org.apache.shiro.authc.AuthenticationInfo createAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken token,
                                                                             Object ldapPrincipal,
                                                                             Object ldapCredentials,
                                                                             LdapContext ldapContext)
                                                                      throws NamingException

Deprecated.

Overrides:

createAuthenticationInfo in class KnoxLdapRealm

Throws:

NamingException