blackboard.platform.security.authentication
Class LDAPAuthModule

java.lang.Object
  blackboard.platform.security.authentication.BaseAuthenticationModule
      blackboard.platform.security.authentication.LDAPAuthModule

All Implemented Interfaces:

HttpAuthModule, blackboard.platform.security.authentication.IUserPassAuthModule

public class LDAPAuthModule
extends BaseAuthenticationModule
implements blackboard.platform.security.authentication.IUserPassAuthModule

Implementation class for the LDAP authentication provider for Blackboard Learning system. Building Block Developers are able to subclass this in custom authentications. However, specific changes to the way that the provider connects to the LDAP server may not be made and will still be dictated by properties set in the authentication.properties file.

Subclasses must call the BaseAuthenticationModule.authenticate(String, String, SessionStub, boolean) and init(ConfigurationService) methods in this class or the LDAP functionality will not work.

Developers that wish to substantially change the behavior of the LDAP provider can use BaseAuthenticationModule to implement their own LDAP provider using JNDI or another library.

Since:

Bb 6.3

See Also:

HttpAuthModule

Nested Class Summary

Nested classes/interfaces inherited from class blackboard.platform.security.authentication.BaseAuthenticationModule

BaseAuthenticationModule.ValidationSucceeded

Field Summary

Fields inherited from class blackboard.platform.security.authentication.BaseAuthenticationModule

_config, _logger, IMPL_CLASS_KEY, USE_CHALLENGE_KEY

Constructor Summary

LDAPAuthModule()
Constructor for the LDAP authentication provider.

Method Summary

protected java.lang.String	authenticate(java.lang.String userName, java.lang.String password, SessionStub sessionStub, boolean useChallenge, boolean isSecondary) Method to support LDAP-based authentication.
protected blackboard.platform.security.authentication.LDAPAuthContext	createAuthContext(blackboard.platform.security.authentication.LDAPServerConfig config, java.lang.String url)
java.lang.String	getAuthType() Returns a String identifier for the authentication type for a given implementation of HttpAuthModule.
boolean	getErrorFallbackToBb() Returns a true if the LDAP provider is configured to "fall back" to the default authentication if an error is encountered using LDAP.
int	getNumServers() Returns the number of LDAP servers configured.
java.lang.String[]	getPropKeys() Returns a String array of the keys to this authentication module's configuration properties file.
java.lang.String	getRemoteUser(javax.servlet.http.HttpServletRequest request) Extracts the CGI variable REMOTE_USER from the incoming request.
User	getUserFromUsernamePassword(java.lang.String username, java.lang.String password) Returns the User object for a given username and password.
boolean	getUserNotFoundFallbackToBb() Returns true of the LDAP provider is configured to "fall back" to the default authentication if the user is not found in LDAP.
void	init(ConfigurationService cfg) Initializes authentication module.

Methods inherited from class blackboard.platform.security.authentication.BaseAuthenticationModule

assertRequestAuthenticate, authenticate, doAuthenticate, doAuthenticate, doAuthenticate, doLogout, establishSession, getBundle, getConfigErrs, getCreateAccountAllowed, getDefaultAuthType, getDoAuthenticateParams, getRequestAuthenticateUri, getSecondaryDoAuthenticateParams, getSubConfigErrs, getUseChallenge, isExternalAuth, requestAuthenticate, setAuthTypeDisplayStr, setConfig, setGlobalKeys, suppressFirstLoadError, validateConfig, validatePassword

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

LDAPAuthModule

public LDAPAuthModule()

Constructor for the LDAP authentication provider. Not necessary, but adding here in case someone ever adds a second constructor which would prevent the default constructor from getting created.

Method Detail

init

public void init(ConfigurationService cfg)

Initializes authentication module.

Specified by:

init in interface HttpAuthModule

Overrides:

init in class BaseAuthenticationModule

Parameters:

cfg - The ConfigurationService for this installation.

getErrorFallbackToBb

public boolean getErrorFallbackToBb()

Returns a true if the LDAP provider is configured to "fall back" to the default authentication if an error is encountered using LDAP.

getUserNotFoundFallbackToBb

public boolean getUserNotFoundFallbackToBb()

Returns true of the LDAP provider is configured to "fall back" to the default authentication if the user is not found in LDAP.

createAuthContext

protected blackboard.platform.security.authentication.LDAPAuthContext createAuthContext(blackboard.platform.security.authentication.LDAPServerConfig config,
                                                                                        java.lang.String url)
                                                                                 throws BbSecurityException

Throws:

BbSecurityException

authenticate

protected java.lang.String authenticate(java.lang.String userName,
                                        java.lang.String password,
                                        SessionStub sessionStub,
                                        boolean useChallenge,
                                        boolean isSecondary)
                                 throws BbAuthenticationFailedException,
                                        BbSecurityException

Method to support LDAP-based authentication. Uses credentials to look up a user in an LDAP directory, or set of LDAP directories (depending on the configuration).

Overrides:

authenticate in class BaseAuthenticationModule

Parameters:

userName - User name

password - this should be the clear text password to use to perform the bind.

Returns:

User key used to load user.

Throws:

BbAuthenticationFailedException

BbSecurityException

getUserFromUsernamePassword

public User getUserFromUsernamePassword(java.lang.String username,
                                        java.lang.String password)
                                 throws PersistenceException,
                                        BbSecurityException

Returns the User object for a given username and password.

Specified by:

getUserFromUsernamePassword in interface blackboard.platform.security.authentication.IUserPassAuthModule

Throws:

PersistenceException

BbSecurityException

getRemoteUser

public java.lang.String getRemoteUser(javax.servlet.http.HttpServletRequest request)
                               throws BbSecurityException

Extracts the CGI variable REMOTE_USER from the incoming request. Not appropriate for the current LDAP implementation, since we querying the LDAP server via a bind operation within the authenticate method, so currently this method always throws a BbSecurityException.

Throws:

BbSecurityException

getNumServers

public int getNumServers()

Returns the number of LDAP servers configured.

getAuthType

public java.lang.String getAuthType()

Returns a String identifier for the authentication type for a given implementation of HttpAuthModule.

Specified by:

getAuthType in interface HttpAuthModule

Overrides:

getAuthType in class BaseAuthenticationModule

getPropKeys

public java.lang.String[] getPropKeys()

Returns a String array of the keys to this authentication module's configuration properties file.

Specified by:

getPropKeys in interface HttpAuthModule

Overrides:

getPropKeys in class BaseAuthenticationModule