Package jenkins.security.plugins.ldap

Class LDAPConfiguration

java.lang.Object
hudson.model.AbstractDescribableImpl<LDAPConfiguration>
jenkins.security.plugins.ldap.LDAPConfiguration
All Implemented Interfaces:
Describable<LDAPConfiguration>
public class LDAPConfiguration extends AbstractDescribableImpl<LDAPConfiguration>
A configuration for one ldap connection

  • Field Details

    • CONNECT_TIMEOUT

      public static final int CONNECT_TIMEOUT

    • READ_TIMEOUT

      public static final int READ_TIMEOUT

  • Constructor Details

    • LDAPConfiguration

      @DataBoundConstructor public LDAPConfiguration(@NonNull String server, String rootDN, boolean inhibitInferRootDN, String managerDN, Secret managerPasswordSecret)

  • Method Details

    • getServer

      public String getServer()
      LDAP server name(s) separated by spaces, optionally with TCP port number, like "ldap.acme.org" or "ldap.acme.org:389" and/or with protocol, like "ldap://ldap.acme.org".

    • getServerUrl

      public String getServerUrl()

    • getRootDN

      public String getRootDN()
      The root DN to connect to. Normally something like "dc=sun,dc=com"

    • getLDAPURL

      public String getLDAPURL()

    • isInhibitInferRootDN

      public boolean isInhibitInferRootDN()
      Allow the rootDN to be inferred? Default is false. If true, allow rootDN to be blank.

    • getUserSearchBase

      public String getUserSearchBase()
      Specifies the relative DN from the root DN. This is used to narrow down the search space when doing user search. Something like "ou=people" but can be empty.

    • setUserSearchBase

      @DataBoundSetter public void setUserSearchBase(String userSearchBase)
      Specifies the relative DN from the root DN. This is used to narrow down the search space when doing user search. Something like "ou=people" but can be empty.

    • getUserSearch

      public String getUserSearch()
      Query to locate an entry that identifies the user, given the user name string. Normally "uid={0}"
      See Also:
      • FilterBasedLdapUserSearch

    • setUserSearch

      @DataBoundSetter public void setUserSearch(String userSearch)
      Query to locate an entry that identifies the user, given the user name string. Normally "uid={0}"
      See Also:
      • FilterBasedLdapUserSearch

    • getGroupSearchBase

      public String getGroupSearchBase()
      This defines the organizational unit that contains groups. Normally "" to indicate the full LDAP search, but can be often narrowed down to something like "ou=groups"
      See Also:
      • FilterBasedLdapUserSearch

    • setGroupSearchBase

      @DataBoundSetter public void setGroupSearchBase(String groupSearchBase)
      This defines the organizational unit that contains groups. Normally "" to indicate the full LDAP search, but can be often narrowed down to something like "ou=groups"
      See Also:
      • FilterBasedLdapUserSearch

    • getGroupSearchFilter

      public String getGroupSearchFilter()
      Query to locate an entry that identifies the group, given the group name string. If non-null it will override the default specified by LDAPSecurityRealm.GROUP_SEARCH

    • setGroupSearchFilter

      @DataBoundSetter public void setGroupSearchFilter(String groupSearchFilter)
      Query to locate an entry that identifies the group, given the group name string. If non-null it will override the default specified by LDAPSecurityRealm.GROUP_SEARCH

    • getGroupMembershipStrategy

      public LDAPGroupMembershipStrategy getGroupMembershipStrategy()

    • setGroupMembershipStrategy

      @DataBoundSetter public void setGroupMembershipStrategy(LDAPGroupMembershipStrategy groupMembershipStrategy)

    • getManagerDN

      public String getManagerDN()
      If non-null, we use this and getManagerPassword() when binding to LDAP. This is necessary when LDAP doesn't support anonymous access.

    • getManagerPassword

      public String getManagerPassword()
      Password used to first bind to LDAP.

    • getManagerPasswordSecret

      public Secret getManagerPasswordSecret()

    • getDisplayNameAttributeName

      public String getDisplayNameAttributeName()

    • setDisplayNameAttributeName

      @DataBoundSetter public void setDisplayNameAttributeName(String displayNameAttributeName)

    • getMailAddressAttributeName

      public String getMailAddressAttributeName()

    • setMailAddressAttributeName

      @DataBoundSetter public void setMailAddressAttributeName(String mailAddressAttributeName)

    • isIgnoreIfUnavailable

      public boolean isIgnoreIfUnavailable()

    • setIgnoreIfUnavailable

      @DataBoundSetter public void setIgnoreIfUnavailable(boolean ignoreIfUnavailable)

    • getExtraEnvVars

      public Map<String,String> getExtraEnvVars()

    • setExtraEnvVars

      @Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class) public void setExtraEnvVars(Map<String,String> extraEnvVars)

    • getEnvironmentProperties

      public LDAPSecurityRealm.EnvironmentProperty[] getEnvironmentProperties()

    • setEnvironmentProperties

      @DataBoundSetter public void setEnvironmentProperties(LDAPSecurityRealm.EnvironmentProperty[] environmentProperties)

    • getId

      public String getId()

    • isConfiguration

      public boolean isConfiguration(String id)

    • validateServerUrlIsSecure

      public static boolean validateServerUrlIsSecure(String server)
      Validates if the LDAP server URL is secure (uses ldaps). Returns FALSE if the server URL is not secure.

    • createApplicationContext

      @Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class) public LDAPConfiguration.ApplicationContext createApplicationContext(LDAPSecurityRealm realm)

    • getLdapTemplate

      @Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class) public LDAPExtendedTemplate getLdapTemplate()