public final class PasswordComparisonAuthenticator extends AbstractLdapAuthenticator
LdapAuthenticator
which compares the login
password with the value stored in the directory.
This can be achieved either by retrieving the password attribute for the user and comparing it locally, or by peforming an LDAP "compare" operation. If the password attribute (default "userPassword") is found in the retrieved attributes it will be compared locally. If not, the remote comparison will be attempted.
If passwords are stored in digest form in the repository, then a suitable PasswordEncoder
implementation must be supplied. By default, passwords are encoded using the LdapShaPasswordEncoder
.
messages
Constructor and Description |
---|
PasswordComparisonAuthenticator(InitialDirContextFactory initialDirContextFactory) |
Modifier and Type | Method and Description |
---|---|
LdapUserDetails |
authenticate(String username,
String password)
Authenticates as a user and obtains additional user information from the directory.
|
void |
setPasswordAttributeName(String passwordAttribute) |
void |
setPasswordEncoder(PasswordEncoder passwordEncoder) |
afterPropertiesSet, getInitialDirContextFactory, getUserAttributes, getUserDetailsMapper, getUserDns, getUserSearch, setMessageSource, setUserAttributes, setUserDetailsMapper, setUserDnPatterns, setUserSearch
public PasswordComparisonAuthenticator(InitialDirContextFactory initialDirContextFactory)
public LdapUserDetails authenticate(String username, String password)
LdapAuthenticator
username
- the user's login name (not their DN).password
- the user's password supplied at login.public void setPasswordAttributeName(String passwordAttribute)
public void setPasswordEncoder(PasswordEncoder passwordEncoder)
Copyright © 2004–2019 Interface21, Inc. All rights reserved.