1   /*
2    * Copyright 2013–2021 Michael Osipov
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    *     http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  package net.sf.michaelo.tomcat.realm.mapper;
17  
18  import javax.naming.NamingException;
19  import javax.naming.directory.DirContext;
20  
21  import org.ietf.jgss.GSSName;
22  import org.ietf.jgss.Oid;
23  
24  import net.sf.michaelo.tomcat.realm.ActiveDirectoryRealm;
25  
/**
 * Strategy interface that translates a GSS name into the parameters of an Active Directory user
 * search (search base, attribute name and username value).
 */
public interface UsernameSearchMapper {

	/**
	 * Carrier for the outcome of a mapping. The {@link ActiveDirectoryRealm} takes the values
	 * exposed here and uses them to search for a user.
	 * <p>
	 * NOTE(review): all three values are derived from a client-presented GSS name and end up in a
	 * directory search. Whether the consuming realm escapes them before building the search
	 * filter or DN is not visible from this interface; confirm on the realm side, and have
	 * implementations return only values they have validated.
	 */
	interface MappedValues {

		/**
		 * Returns the search base of the mapped user. As stated on
		 * {@link UsernameSearchMapper#map(DirContext, GSSName)}, it may still need to be
		 * relativized to the root DN of the search context.
		 *
		 * @return the search base
		 */
		String getSearchBase();

		/**
		 * Returns the name of the attribute to search on (presumably the directory attribute
		 * that is compared with {@link #getSearchUsername()}; verify against the realm).
		 *
		 * @return the search attribute name
		 */
		String getSearchAttributeName();

		/**
		 * Returns the username to search for.
		 *
		 * @return the search username
		 */
		String getSearchUsername();

	}

	/**
	 * Lists the name type OIDs which this mapper is able to map into AD search space.
	 *
	 * @return supported string name type OIDs
	 */
	Oid[] getSupportedStringNameTypes();

	/**
	 * Tells whether this mapper is able to map the given GSS name into AD search space. Callers
	 * can use it as a guard before {@link #map(DirContext, GSSName)}, which rejects unsupported
	 * names with an {@link IllegalArgumentException}.
	 *
	 * @param gssName the GSS name to test
	 * @return {@code true} if this mapper is able to map the name, {@code false} otherwise
	 */
	boolean supportsGssName(GSSName gssName);

	/**
	 * Maps a GSS name to AD search space parameters. An implementation must make sure that the
	 * user can be found in the given {@code context} when an appropriate GSS name is presented.
	 * Implementors must also be aware that the returned search base might need to be relativized
	 * to the root DN of the context.
	 *
	 * @param context
	 *            the search context
	 * @param gssName
	 *            the GSS name to be mapped
	 * @return mapped values for user retrieval
	 * @throws NamingException
	 *             if a context-related error has occurred
	 * @throws IllegalArgumentException
	 *             if the GSS name is not supported
	 */
	MappedValues map(DirContext context, GSSName gssName) throws NamingException;

}
80  }