Class OtpCredentialLoader
- java.lang.Object
-
- org.wildfly.security.auth.realm.ldap.OtpCredentialLoader
-
- All Implemented Interfaces:
CredentialLoader,CredentialPersister
class OtpCredentialLoader extends Object implements CredentialPersister
ACredentialLoaderfor loading OTP credentials stored within defined attributes of LDAP entries.- Author:
- Jan Kalina
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description private classOtpCredentialLoader.ForIdentityLoader
-
Field Summary
Fields Modifier and Type Field Description private StringalgorithmAttributeNameprivate StringhashAttributeNameprivate StringseedAttributeNameprivate StringsequenceAttributeName
-
Constructor Summary
Constructors Constructor Description OtpCredentialLoader(String algorithmAttributeName, String hashAttributeName, String seedAttributeName, String sequenceAttributeName)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description voidaddRequiredIdentityAttributes(Collection<String> attributes)Construct set of LDAP attributes, which should be loaded as part of the identity from identity entry.OtpCredentialLoader.ForIdentityLoaderforIdentity(DirContext context, String distinguishedName, Attributes attributes)Obtain anIdentityCredentialLoaderto query the credentials for a specific identity.SupportLevelgetCredentialAcquireSupport(Class<? extends Credential> credentialType, String algorithmName, AlgorithmParameterSpec parameterSpec)Determine whether a given credential is definitely supported, possibly supported (for some identities), or definitely not supported.-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.wildfly.security.auth.realm.ldap.CredentialLoader
addBinaryIdentityAttributes, forIdentity
-
-
-
-
Method Detail
-
getCredentialAcquireSupport
public SupportLevel getCredentialAcquireSupport(Class<? extends Credential> credentialType, String algorithmName, AlgorithmParameterSpec parameterSpec)
Description copied from interface:CredentialLoaderDetermine whether a given credential is definitely supported, possibly supported (for some identities), or definitely not supported.A DirContextFactory is made available if the directory server is going to be queried but most likely this call will need to be generic as querying a whole directory is not realistic.
Note: The DirContextFactory approach will be evolved further for better referral support so it makes it easier for it to be passed in for each call.
- Specified by:
getCredentialAcquireSupportin interfaceCredentialLoader- Parameters:
credentialType- the credential type (must not benull)algorithmName- the credential algorithm nameparameterSpec- the algorithm parameters to match, ornullif any parameters are acceptable or the credential type does not support algorithm parameters- Returns:
- the level of support for this credential type
-
forIdentity
public OtpCredentialLoader.ForIdentityLoader forIdentity(DirContext context, String distinguishedName, Attributes attributes)
Description copied from interface:CredentialPersisterObtain anIdentityCredentialLoaderto query the credentials for a specific identity. Note: By this point referrals relating to the identity should have been resolved so theDirContextFactoryshould be suitable for use with the supplieddistinguishedName- Specified by:
forIdentityin interfaceCredentialLoader- Specified by:
forIdentityin interfaceCredentialPersister- Parameters:
context- theDirContextto use to connect to LDAP.distinguishedName- the distinguished name of the identity.attributes- the identity attributes requested byCredentialLoader.addRequiredIdentityAttributes(Collection)- Returns:
- An
IdentityCredentialLoaderfor the specified identity identified by their distinguished name.
-
addRequiredIdentityAttributes
public void addRequiredIdentityAttributes(Collection<String> attributes)
Description copied from interface:CredentialLoaderConstruct set of LDAP attributes, which should be loaded as part of the identity from identity entry.- Specified by:
addRequiredIdentityAttributesin interfaceCredentialLoader- Parameters:
attributes- output collection of attributes names, into which should be added
-
-