Class BroadleafActiveDirectoryUserDetailsMapper

java.lang.Object
org.springframework.security.ldap.userdetails.LdapUserDetailsMapper
org.broadleafcommerce.common.security.ldap.BroadleafActiveDirectoryUserDetailsMapper
All Implemented Interfaces:
org.springframework.security.ldap.userdetails.UserDetailsContextMapper

@Deprecated public class BroadleafActiveDirectoryUserDetailsMapper extends org.springframework.security.ldap.userdetails.LdapUserDetailsMapper
Deprecated.
NO LONGER REQUIRED AND SHOULD NOT BE USED. SEE BroadleafAdminLdapUserDetailsMapper.
This class lets Spring do its usual work of mapping user details from LDAP into the Spring Security framework. In addition, it lets us specify whether to use the user's user name from LDAP, or their email address, to map them to a Broadleaf user. It also allows us to override the role names (GrantedAuthorities) that come from LDAP with names that may be more suitable for Broadleaf.
Author:
Kelly Tisdell
  • Field Details

    • useEmailAddressAsUsername

      protected boolean useEmailAddressAsUsername
      Deprecated.
    • additiveRoleNameSubstitutions

      protected boolean additiveRoleNameSubstitutions
      Deprecated.
    • roleNameSubstitutions

      protected Map<String,String[]> roleNameSubstitutions
      Deprecated.
  • Constructor Details

    • BroadleafActiveDirectoryUserDetailsMapper

      public BroadleafActiveDirectoryUserDetailsMapper()
      Deprecated.
  • Method Details

    • mapUserFromContext

      public org.springframework.security.core.userdetails.UserDetails mapUserFromContext(org.springframework.ldap.core.DirContextOperations ctx, String username, Collection<? extends org.springframework.security.core.GrantedAuthority> authorities)
      Deprecated.
      Specified by:
      mapUserFromContext in interface org.springframework.security.ldap.userdetails.UserDetailsContextMapper
      Overrides:
      mapUserFromContext in class org.springframework.security.ldap.userdetails.LdapUserDetailsMapper
    • setUseEmailAddressAsUsername

      public void setUseEmailAddressAsUsername(boolean value)
      Deprecated.
      The LDAP server may contain a user name other than an email address. If the email address should be used to map to a Broadleaf user, then set this to true. The principal will be set to the user's email address returned from the LDAP server.
      Parameters:
      value -
    • setRoleNameSubstitutions

      public void setRoleNameSubstitutions(Map<String,String[]> roleNameSubstitutions)
      Deprecated.
      This allows you to declaratively set a map whose values substitute Broadleaf role names for role names from LDAP in cases where they might be different. For example, if you have a role specified in LDAP under "memberOf" with a DN of "Marketing Administrator", you might want to map that to the role "ADMIN". By default the prefix "ROLE_" will be prepended to this name. So to configure this, you would specify:

      With this configuration, all roles returned by LDAP that have a DN of "Marketing Administrator" will be converted to "ADMIN".

      Parameters:
      roleNameSubstitutions -
    • setAdditiveRoleNameSubstitutions

      public void setAdditiveRoleNameSubstitutions(boolean additiveRoleNameSubstitutions)
      Deprecated.
      This should be used in conjunction with the roleNameSubstitutions property. If this is set to true, this will add the mapped roles to the list of original granted authorities. If set to false, this will replace the original granted authorities with the mapped ones. Defaults to false.
      Parameters:
      additiveRoleNameSubstitutions -
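
The interaction of roleNameSubstitutions and additiveRoleNameSubstitutions described above, modelled in plain Java as an added example; it is not Broadleaf's code. RoleSubstitutionSketch and substitute are hypothetical names, the sample roles are constructed, the "ROLE_" prefix is not modelled, and dropping unmapped roles in replace mode is an assumption read from the description of setAdditiveRoleNameSubstitutions.

```java
import java.util.Arrays;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;

// Added illustration, not Broadleaf source: models the documented semantics only.
public class RoleSubstitutionSketch {

    // Hypothetical helper. Assumption: in replace mode, directory roles with no
    // mapping are dropped ("replace the original granted authorities with the
    // mapped ones"). The "ROLE_" prefix is not modelled.
    static Set<String> substitute(List<String> ldapRoles,
                                  Map<String, String[]> roleNameSubstitutions,
                                  boolean additive) {
        Set<String> result = new LinkedHashSet<>();
        if (additive) {
            result.addAll(ldapRoles); // original directory authorities are kept
        }
        for (String ldapRole : ldapRoles) {
            String[] mapped = roleNameSubstitutions.get(ldapRole);
            if (mapped != null) {
                result.addAll(Arrays.asList(mapped)); // one LDAP role may map to several
            }
        }
        return result;
    }

    public static void main(String[] args) {
        // Constructed sample data: one mapped role, one unmapped directory group.
        List<String> fromLdap = List.of("Marketing Administrator", "Domain Users");
        Map<String, String[]> subs =
                Map.of("Marketing Administrator", new String[] {"ADMIN"});

        Set<String> replaced = substitute(fromLdap, subs, false);
        Set<String> added = substitute(fromLdap, subs, true);
        System.out.println("replace:  " + replaced);
        System.out.println("additive: " + added);

        // Least-privilege review: authorities that reach the application in
        // additive mode without having been named in the substitution map.
        Set<String> unreviewed = new LinkedHashSet<>(added);
        unreviewed.removeAll(replaced);
        System.out.println("granted only because additive=true: " + unreviewed);
    }
}
```

With the additive setting, every group name the directory returns becomes an authority in the application, so the set of effective roles is governed by directory group membership as well as by the map.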