LdapUtils

Overview

Package

Class

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

com.raritantechnologies.utils
Class LdapUtils

java.lang.Object
  com.raritantechnologies.utils.LdapUtils

public class LdapUtils
extends java.lang.Object

LdapUtils - Miscellaneous LDAP-related utility methods.

Author:: Glenn Robitaille (Raritan Technologies)

Field Summary
`static boolean`	`DEBUG`

Constructor Summary
`LdapUtils()`

Method Summary
`static boolean`	`isAccountValid(java.lang.String ldap_account_dn, java.lang.String ldap_account_password, java.lang.String primaryServer, java.lang.String secondaryServer, int iLDAPPort, int iLDAPVersion)` Checks whether an account exists in LDAP
`static boolean`	`isMemberOfGroup(java.lang.String sUserDN, java.lang.String sGroupDN, java.lang.String searchFilter, java.lang.String memberAttribute, java.lang.String ldap_account_dn, java.lang.String ldap_account_password, java.lang.String primaryServer, java.lang.String secondaryServer, int iLDAPPort, int iLDAPVersion, boolean bIgnoreBlanksAndCase, java.lang.String groupMembershipAttribute)` Logically perform a recursive search of LDAP groups, to see if a user is a member of a group.
`static boolean`	`isMemberOfGroupUsingAttribute(java.lang.String sUserDN, java.lang.String searchFilter, java.lang.String ldap_account_dn, java.lang.String ldap_account_password, java.lang.String primaryServer, java.lang.String secondaryServer, int iLDAPPort, int iLDAPVersion, java.lang.String groupAttribute)` See if the a user is a member of a group, as determined by a attribute of the user DN.
`static boolean`	`isMemberOfSetOfGroups(LDAPConnection ld, java.lang.String sUserDN, java.lang.String sGroupDN, java.lang.String memberAttribute, java.lang.String groupSubstring, boolean bIgnoreBlanksAndCase, java.util.HashSet startingPoints)`

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

DEBUG

public static final boolean DEBUG

See Also:: Constant Field Values

Constructor Detail

LdapUtils

public LdapUtils()

Method Detail

isAccountValid

public static boolean isAccountValid(java.lang.String ldap_account_dn,
                                     java.lang.String ldap_account_password,
                                     java.lang.String primaryServer,
                                     java.lang.String secondaryServer,
                                     int iLDAPPort,
                                     int iLDAPVersion)

Checks whether an account exists in LDAP

Parameters:: ldap_account_dn - the DN for the account to use for searching; ldap_account_password - the password corresponding to ldap_account_dn; primaryServer - the primary LDAP server; secondaryServer - the secondary LDAP server (null if N/A); iLDAPPort - LDAP port number; iLDAPVersion - LDAP version

isMemberOfGroup

public static boolean isMemberOfGroup(java.lang.String sUserDN,
                                      java.lang.String sGroupDN,
                                      java.lang.String searchFilter,
                                      java.lang.String memberAttribute,
                                      java.lang.String ldap_account_dn,
                                      java.lang.String ldap_account_password,
                                      java.lang.String primaryServer,
                                      java.lang.String secondaryServer,
                                      int iLDAPPort,
                                      int iLDAPVersion,
                                      boolean bIgnoreBlanksAndCase,
                                      java.lang.String groupMembershipAttribute)

Logically perform a recursive search of LDAP groups, to see if a user is a member of a group. This does not use true recursion for a number of reasons

we don't want to visit groups multiple times. because of nesting, a group may be contained a number of times in an outer group.
we don't want to use multiple LDAP connections
if we used recursion, the outer connections would likely time out.

Parameters:: sUserDN - user DN we are looking for; sGroupDN - DN under which the groups are found; searchFilter - filter used to find groups within sGroupDN; memberAttribute - attribute to inspect to look for groups; ldap_account_dn - the DN for the account to use for searching; ldap_account_password - the password corresponding to ldap_account_dn; primaryServer - the primary LDAP server; secondaryServer - the secondary LDAP server (null if N/A); iLDAPPort - LDAP port number; iLDAPVersion - LDAP version; bIgnoreBlanksAndCase - flag denoting if should we ignore blanks when comparing sUserDN.; groupMembershipAttribute - attribute of sUserDN that lists some groups a user is a member of -- if avilable, more efficient than searching groups.

isMemberOfSetOfGroups

public static boolean isMemberOfSetOfGroups(LDAPConnection ld,
                                            java.lang.String sUserDN,
                                            java.lang.String sGroupDN,
                                            java.lang.String memberAttribute,
                                            java.lang.String groupSubstring,
                                            boolean bIgnoreBlanksAndCase,
                                            java.util.HashSet startingPoints)

isMemberOfGroupUsingAttribute

public static boolean isMemberOfGroupUsingAttribute(java.lang.String sUserDN,
                                                    java.lang.String searchFilter,
                                                    java.lang.String ldap_account_dn,
                                                    java.lang.String ldap_account_password,
                                                    java.lang.String primaryServer,
                                                    java.lang.String secondaryServer,
                                                    int iLDAPPort,
                                                    int iLDAPVersion,
                                                    java.lang.String groupAttribute)

See if the a user is a member of a group, as determined by a attribute of the user DN.

Parameters:: sUserDN - user DN we are looking for; searchFilter - filter used to find groups within attribute. NOTE: this does not take complex expressions. If the string ends it a '*', it uses startsWith logic, otherwise it must match EXACTLY. No other regular expressions can be used.; ldap_account_dn - the DN for the account to use for searching; ldap_account_password - the password corresponding to ldap_account_dn; primaryServer - the primary LDAP server; secondaryServer - the secondary LDAP server (null if N/A); iLDAPPort - LDAP port number; iLDAPVersion - LDAP version; groupAttribute - attribute to inspect to look for groups

Overview

Package

Class

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

com.raritantechnologies.utils Class LdapUtils

DEBUG

LdapUtils

isAccountValid

isMemberOfGroup

isMemberOfSetOfGroups

isMemberOfGroupUsingAttribute

com.raritantechnologies.utils
Class LdapUtils