Package org.jbpm.services.task.identity
Class LDAPUserGroupCallbackImpl
- java.lang.Object
-
- org.jbpm.services.task.identity.AbstractUserGroupInfo
-
- org.jbpm.services.task.identity.LDAPUserGroupCallbackImpl
-
- All Implemented Interfaces:
org.kie.api.task.UserGroupCallback
public class LDAPUserGroupCallbackImpl extends AbstractUserGroupInfo implements org.kie.api.task.UserGroupCallback
LDAP integration for Task Service to collect user and role/group information.Following is a list of all supported properties:
- ldap.bind.user (optional if LDAP server accepts anonymous access)
- ldap.bind.pwd (optional if LDAP server accepts anonymous access
- ldap.user.ctx (mandatory)
- ldap.role.ctx (mandatory)
- ldap.user.roles.ctx (optional, if not given ldap.role.ctx will be used)
- ldap.user.filter (mandatory)
- ldap.role.filter (mandatory)
- ldap.user.roles.filter (mandatory)
- ldap.user.attr.id (optional, if not given 'uid' will be used)
- ldap.roles.attr.id (optional, if not given 'cn' will be used)
- ldap.user.id.dn (optional, is user id a DN, instructs the callback to query for user DN before searching for roles, default false)
- ldap.search.scope (optional, if not given 'ONELEVEL_SCOPE' will be used) possible values are: OBJECT_SCOPE, ONELEVEL_SCOPE, SUBTREE_SCOPE
- ldap.name.escape (optional, instructs to escape - illegal character in user/group name before the query - currently escapes only comma) by default is set to true
- java.naming.factory.initial
- java.naming.security.authentication
- java.naming.security.protocol
- java.naming.provider.url
-
-
Field Summary
Fields Modifier and Type Field Description static StringBIND_PWDstatic StringBIND_USERprotected static StringDEFAULT_ROLE_ATTR_IDprotected static StringDEFAULT_USER_ATTR_IDstatic StringIS_USER_ID_DNstatic StringLDAP_NAME_ESCAPEprotected LdapSearcherldapSearcherstatic StringROLE_ATTR_IDstatic StringROLE_CTXstatic StringROLE_FILTERstatic StringSEARCH_SCOPEstatic StringUSER_ATTR_IDstatic StringUSER_CTXstatic StringUSER_FILTERstatic StringUSER_ROLES_CTXstatic StringUSER_ROLES_FILTER
-
Constructor Summary
Constructors Constructor Description LDAPUserGroupCallbackImpl(boolean activate)Constructor needs to have at least one (unused) parameter in order to prevent CDI from automatic deployment.LDAPUserGroupCallbackImpl(Properties config)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected StringescapeIllegalChars(String entityId)booleanexistsGroup(String groupId)booleanexistsUser(String userId)StringgetConfigProperty(String key)StringgetConfigProperty(String key, String defaultValue)List<String>getGroupsForUser(String userId)protected StringunescapeIllegalChars(String entityId)-
Methods inherited from class org.jbpm.services.task.identity.AbstractUserGroupInfo
readProperties
-
-
-
-
Field Detail
-
USER_CTX
public static final String USER_CTX
- See Also:
- Constant Field Values
-
ROLE_CTX
public static final String ROLE_CTX
- See Also:
- Constant Field Values
-
USER_ROLES_CTX
public static final String USER_ROLES_CTX
- See Also:
- Constant Field Values
-
USER_FILTER
public static final String USER_FILTER
- See Also:
- Constant Field Values
-
ROLE_FILTER
public static final String ROLE_FILTER
- See Also:
- Constant Field Values
-
USER_ROLES_FILTER
public static final String USER_ROLES_FILTER
- See Also:
- Constant Field Values
-
USER_ATTR_ID
public static final String USER_ATTR_ID
- See Also:
- Constant Field Values
-
ROLE_ATTR_ID
public static final String ROLE_ATTR_ID
- See Also:
- Constant Field Values
-
IS_USER_ID_DN
public static final String IS_USER_ID_DN
- See Also:
- Constant Field Values
-
SEARCH_SCOPE
public static final String SEARCH_SCOPE
- See Also:
- Constant Field Values
-
LDAP_NAME_ESCAPE
public static final String LDAP_NAME_ESCAPE
- See Also:
- Constant Field Values
-
BIND_USER
public static final String BIND_USER
- See Also:
- Constant Field Values
-
BIND_PWD
public static final String BIND_PWD
- See Also:
- Constant Field Values
-
DEFAULT_ROLE_ATTR_ID
protected static final String DEFAULT_ROLE_ATTR_ID
- See Also:
- Constant Field Values
-
DEFAULT_USER_ATTR_ID
protected static final String DEFAULT_USER_ATTR_ID
- See Also:
- Constant Field Values
-
ldapSearcher
protected LdapSearcher ldapSearcher
-
-
Constructor Detail
-
LDAPUserGroupCallbackImpl
public LDAPUserGroupCallbackImpl(boolean activate)
Constructor needs to have at least one (unused) parameter in order to prevent CDI from automatic deployment. Configuration properties are loaded from a file specified by jbpm.usergroup.callback system property or classpath:/jbpm.usergroup.callback.properties file.- Parameters:
activate- ignored
-
LDAPUserGroupCallbackImpl
public LDAPUserGroupCallbackImpl(Properties config)
- Parameters:
config- LDAP configuration properties
-
-
Method Detail
-
existsUser
public boolean existsUser(String userId)
- Specified by:
existsUserin interfaceorg.kie.api.task.UserGroupCallback
-
existsGroup
public boolean existsGroup(String groupId)
- Specified by:
existsGroupin interfaceorg.kie.api.task.UserGroupCallback
-
getGroupsForUser
public List<String> getGroupsForUser(String userId)
- Specified by:
getGroupsForUserin interfaceorg.kie.api.task.UserGroupCallback
-
-