public class NestedLdapAuthoritiesPopulator
extends org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator
implements org.springframework.beans.factory.InitializingBean
The map below specifies that the Marketing and Sales roles are child roles of the BIReporting role. So if user suzy belongs to the Marketing role, she will be assigned both Marketing and BIReporting roles by the time this populator returns.
Any role prefix and/or case manipulation must be present in this mapping. In other words, if a role prefix has been
set to ROLE_
, and convertToUpperCase
has been set to true
, then both the keys
and values must begin with ROLE_
and be all uppercase.
<property name="extraRolesMapping"> <map> <entry key="Marketing" value="BIReporting" /> <entry key="Sales" value="BIReporting" /> </map> </property>
Based on http://forum.springframework.org/showthread.php?t=28007
Constructor and Description |
---|
NestedLdapAuthoritiesPopulator(org.springframework.ldap.core.ContextSource contextSource,
String groupSearchBase) |
Modifier and Type | Method and Description |
---|---|
void |
afterPropertiesSet() |
Map |
getExtraRolesMapping() |
Set |
getGroupMembershipRoles(String userDn,
String username)
Calls super's implementation then adds extra roles.
|
protected Set |
getParentRoles(Set children)
Iterates over the set, using the items as keys into the extraRolesMapping.
|
void |
setExtraRolesMapping(Map extraRolesMapping) |
protected Set |
toGrantedAuthorities(Set rolesAsStringsSet)
Converts a set of strings into a set of granted authorities.
|
getAdditionalRoles, getContextSource, getGrantedAuthorities, getGroupRoleAttribute, getGroupSearchBase, getGroupSearchFilter, getLdapTemplate, getRolePrefix, isConvertToUpperCase, setConvertToUpperCase, setDefaultRole, setGroupRoleAttribute, setGroupSearchFilter, setIgnorePartialResultException, setRolePrefix, setSearchSubtree
public NestedLdapAuthoritiesPopulator(org.springframework.ldap.core.ContextSource contextSource, String groupSearchBase)
public Set getGroupMembershipRoles(String userDn, String username)
getGroupMembershipRoles
in class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator
protected Set getParentRoles(Set children)
children
- Set
of keysSet
of values retrieved from keysprotected Set toGrantedAuthorities(Set rolesAsStringsSet)
rolesAsStringsSet
- Set
of String
instancesSet
of GrantedAuthority
instancespublic Map getExtraRolesMapping()
public void setExtraRolesMapping(Map extraRolesMapping)
Copyright © 2018 Hitachi Vantara. All rights reserved.