blackboard.platform.security.authentication
Class LDAPAuthModule

java.lang.Object
  extended by blackboard.platform.security.authentication.BaseAuthenticationModule
      extended by blackboard.platform.security.authentication.LDAPAuthModule
All Implemented Interfaces:
HttpAuthModule, blackboard.platform.security.authentication.IUserPassAuthModule

public class LDAPAuthModule
extends BaseAuthenticationModule
implements blackboard.platform.security.authentication.IUserPassAuthModule

Implementation class for the LDAP authentication provider for Blackboard Learning system. Building Block Developers are able to subclass this in custom authentications. However, specific changes to the way that the provider connects to the LDAP server may not be made and will still be dictated by properties set in the authentication.properties file.

Subclasses must call the BaseAuthenticationModule.authenticate(String, String, SessionStub, boolean) and init(ConfigurationService) methods in this class or the LDAP functionality will not work.

Developers that wish to substantially change the behavior of the LDAP provider can use BaseAuthenticationModule to implement their own LDAP provider using JNDI or another library.

Since:
Bb 6.3
See Also:
HttpAuthModule

Nested Class Summary
 
Nested classes/interfaces inherited from class blackboard.platform.security.authentication.BaseAuthenticationModule
BaseAuthenticationModule.ValidationSucceeded
 
Field Summary
 
Fields inherited from class blackboard.platform.security.authentication.BaseAuthenticationModule
_config, _logger, IMPL_CLASS_KEY, USE_CHALLENGE_KEY
 
Constructor Summary
LDAPAuthModule()
          Constructor for the LDAP authentication provider.
 
Method Summary
protected  java.lang.String authenticate(java.lang.String userName, java.lang.String password, SessionStub sessionStub, boolean useChallenge, boolean isSecondary)
          Method to support LDAP-based authentication.
protected  blackboard.platform.security.authentication.LDAPAuthContext createAuthContext(blackboard.platform.security.authentication.LDAPServerConfig config, java.lang.String url)
           
 java.lang.String getAuthType()
          Returns a String identifier for the authentication type for a given implementation of HttpAuthModule.
 boolean getErrorFallbackToBb()
          Returns a true if the LDAP provider is configured to "fall back" to the default authentication if an error is encountered using LDAP.
 int getNumServers()
          Returns the number of LDAP servers configured.
 java.lang.String[] getPropKeys()
          Returns a String array of the keys to this authentication module's configuration properties file.
 java.lang.String getRemoteUser(javax.servlet.http.HttpServletRequest request)
          Extracts the CGI variable REMOTE_USER from the incoming request.
 User getUserFromUsernamePassword(java.lang.String username, java.lang.String password)
          Returns the User object for a given username and password.
 boolean getUserNotFoundFallbackToBb()
          Returns true of the LDAP provider is configured to "fall back" to the default authentication if the user is not found in LDAP.
 void init(ConfigurationService cfg)
          Initializes authentication module.
 
Methods inherited from class blackboard.platform.security.authentication.BaseAuthenticationModule
assertRequestAuthenticate, authenticate, doAuthenticate, doAuthenticate, doAuthenticate, doLogout, establishSession, getBundle, getConfigErrs, getCreateAccountAllowed, getDefaultAuthType, getDoAuthenticateParams, getRequestAuthenticateUri, getSecondaryDoAuthenticateParams, getSubConfigErrs, getUseChallenge, isExternalAuth, requestAuthenticate, setAuthTypeDisplayStr, setConfig, setGlobalKeys, suppressFirstLoadError, validateConfig, validatePassword
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

LDAPAuthModule

public LDAPAuthModule()
Constructor for the LDAP authentication provider. Not necessary, but adding here in case someone ever adds a second constructor which would prevent the default constructor from getting created.

Method Detail

init

public void init(ConfigurationService cfg)
Initializes authentication module.

Specified by:
init in interface HttpAuthModule
Overrides:
init in class BaseAuthenticationModule
Parameters:
cfg - The ConfigurationService for this installation.

getErrorFallbackToBb

public boolean getErrorFallbackToBb()
Returns a true if the LDAP provider is configured to "fall back" to the default authentication if an error is encountered using LDAP.


getUserNotFoundFallbackToBb

public boolean getUserNotFoundFallbackToBb()
Returns true of the LDAP provider is configured to "fall back" to the default authentication if the user is not found in LDAP.


createAuthContext

protected blackboard.platform.security.authentication.LDAPAuthContext createAuthContext(blackboard.platform.security.authentication.LDAPServerConfig config,
                                                                                        java.lang.String url)
                                                                                 throws BbSecurityException
Throws:
BbSecurityException

authenticate

protected java.lang.String authenticate(java.lang.String userName,
                                        java.lang.String password,
                                        SessionStub sessionStub,
                                        boolean useChallenge,
                                        boolean isSecondary)
                                 throws BbAuthenticationFailedException,
                                        BbSecurityException
Method to support LDAP-based authentication. Uses credentials to look up a user in an LDAP directory, or set of LDAP directories (depending on the configuration).

Overrides:
authenticate in class BaseAuthenticationModule
Parameters:
userName - User name
password - this should be the clear text password to use to perform the bind.
Returns:
User key used to load user.
Throws:
BbAuthenticationFailedException
BbSecurityException

getUserFromUsernamePassword

public User getUserFromUsernamePassword(java.lang.String username,
                                        java.lang.String password)
                                 throws PersistenceException,
                                        BbSecurityException
Returns the User object for a given username and password.

Specified by:
getUserFromUsernamePassword in interface blackboard.platform.security.authentication.IUserPassAuthModule
Throws:
PersistenceException
BbSecurityException

getRemoteUser

public java.lang.String getRemoteUser(javax.servlet.http.HttpServletRequest request)
                               throws BbSecurityException
Extracts the CGI variable REMOTE_USER from the incoming request. Not appropriate for the current LDAP implementation, since we querying the LDAP server via a bind operation within the authenticate method, so currently this method always throws a BbSecurityException.

Throws:
BbSecurityException

getNumServers

public int getNumServers()
Returns the number of LDAP servers configured.


getAuthType

public java.lang.String getAuthType()
Returns a String identifier for the authentication type for a given implementation of HttpAuthModule.

Specified by:
getAuthType in interface HttpAuthModule
Overrides:
getAuthType in class BaseAuthenticationModule

getPropKeys

public java.lang.String[] getPropKeys()
Returns a String array of the keys to this authentication module's configuration properties file.

Specified by:
getPropKeys in interface HttpAuthModule
Overrides:
getPropKeys in class BaseAuthenticationModule


Copyright © 2012 Blackboard, Inc. All Rights Reserved.