Package org.jenkinsci.plugins.reverse_proxy_auth.service

Class ProxyLDAPAuthoritiesPopulator

  • All Implemented Interfaces:
    org.acegisecurity.providers.ldap.LdapAuthoritiesPopulator
    public class ProxyLDAPAuthoritiesPopulator
extends org.acegisecurity.providers.ldap.populator.DefaultLdapAuthoritiesPopulator
    LdapAuthoritiesPopulator that adds the automatic 'authenticated' role.

    • Constructor Detail

      • ProxyLDAPAuthoritiesPopulator

        public ProxyLDAPAuthoritiesPopulator​(org.acegisecurity.ldap.InitialDirContextFactory initialDirContextFactory,
                                     String groupSearchBase)

    • Method Detail

      • getAdditionalRoles

        protected Set getAdditionalRoles​(org.acegisecurity.userdetails.ldap.LdapUserDetails ldapUser)
        Overrides:
        getAdditionalRoles in class org.acegisecurity.providers.ldap.populator.DefaultLdapAuthoritiesPopulator

      • setRolePrefix

        public void setRolePrefix​(String rolePrefix)
        Overrides:
        setRolePrefix in class org.acegisecurity.providers.ldap.populator.DefaultLdapAuthoritiesPopulator

      • setConvertToUpperCase

        public void setConvertToUpperCase​(boolean convertToUpperCase)
        Overrides:
        setConvertToUpperCase in class org.acegisecurity.providers.ldap.populator.DefaultLdapAuthoritiesPopulator

      • getGroupMembershipRoles

        public Set<GrantedAuthority> getGroupMembershipRoles​(String userDn,
                                                     String username)
        Retrieves the group membership in two ways. We'd like to retain the original name, but we historically used to do "ROLE_GROUPNAME". So to remain backward compatible, we make the super class pass the unmodified "groupName", then do the backward compatible translation here, so that the user gets both "ROLE_GROUPNAME" and "groupName".
        Overrides:
        getGroupMembershipRoles in class org.acegisecurity.providers.ldap.populator.DefaultLdapAuthoritiesPopulator