This is an automated email from the ASF dual-hosted git repository.
mmoayyed pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/syncope.git
The following commit(s) were added to refs/heads/master by this push:
new 9988142a30 SYNCOPE-1835: Support Credential Criteria for LDAP
authentication (#885)
9988142a30 is described below
commit 9988142a30c2d1e4f53955b8495d1ddceb18a9f0
Author: Misagh Moayyed <[email protected]>
AuthorDate: Fri Nov 1 08:23:06 2024 +0400
SYNCOPE-1835: Support Credential Criteria for LDAP authentication (#885)
---
.../syncope/common/lib/auth/LDAPAuthModuleConf.java | 19 +++++++++++++++++++
.../mapping/AuthModulePropertySourceMapper.java | 4 ++--
2 files changed, 21 insertions(+), 2 deletions(-)
diff --git
a/common/am/lib/src/main/java/org/apache/syncope/common/lib/auth/LDAPAuthModuleConf.java
b/common/am/lib/src/main/java/org/apache/syncope/common/lib/auth/LDAPAuthModuleConf.java
index 109c33b022..e772f54679 100644
---
a/common/am/lib/src/main/java/org/apache/syncope/common/lib/auth/LDAPAuthModuleConf.java
+++
b/common/am/lib/src/main/java/org/apache/syncope/common/lib/auth/LDAPAuthModuleConf.java
@@ -157,6 +157,17 @@ public class LDAPAuthModuleConf extends AbstractLDAPConf
implements AuthModuleCo
*/
private boolean collectDnAttribute;
+ /**
+ * A number of authentication handlers are allowed to determine whether
they can operate on the provided credential
+ * and as such lend themselves to be tried and tested during the
authentication handler selection phase.
+ * The credential criteria may be one of the following options:<ul>
+ * <li>1) A regular expression pattern that is tested against the
credential identifier.</li>
+ * <li>2) A fully qualified class name of your own design that implements
{@code Predicate}.</li>
+ * <li>3) Path to an external Groovy script that implements the same
interface.</li>
+ * </ul>
+ */
+ private String credentialCriteria;
+
public AuthenticationType getAuthenticationType() {
return authenticationType;
}
@@ -243,6 +254,14 @@ public class LDAPAuthModuleConf extends AbstractLDAPConf
implements AuthModuleCo
this.collectDnAttribute = collectDnAttribute;
}
+ public String getCredentialCriteria() {
+ return credentialCriteria;
+ }
+
+ public void setCredentialCriteria(final String credentialCriteria) {
+ this.credentialCriteria = credentialCriteria;
+ }
+
@Override
public Map<String, Object> map(final AuthModuleTO authModule, final Mapper
mapper) {
return mapper.map(authModule, this);
diff --git
a/wa/bootstrap/src/main/java/org/apache/syncope/wa/bootstrap/mapping/AuthModulePropertySourceMapper.java
b/wa/bootstrap/src/main/java/org/apache/syncope/wa/bootstrap/mapping/AuthModulePropertySourceMapper.java
index 17dd7dd2a5..884e8620ff 100644
---
a/wa/bootstrap/src/main/java/org/apache/syncope/wa/bootstrap/mapping/AuthModulePropertySourceMapper.java
+++
b/wa/bootstrap/src/main/java/org/apache/syncope/wa/bootstrap/mapping/AuthModulePropertySourceMapper.java
@@ -122,8 +122,8 @@ public class AuthModulePropertySourceMapper extends
PropertySourceMapper impleme
props.setAllowMultiplePrincipalAttributeValues(conf.isAllowMultiplePrincipalAttributeValues());
props.setAdditionalAttributes(conf.getAdditionalAttributes());
props.setAllowMissingPrincipalAttributeValue(conf.isAllowMissingPrincipalAttributeValue());
- props.setCollectDnAttribute(props.isCollectDnAttribute());
-
+ props.setCollectDnAttribute(conf.isCollectDnAttribute());
+ props.setCredentialCriteria(conf.getCredentialCriteria());
props.getPasswordPolicy().setType(AbstractLdapProperties.LdapType.valueOf(conf.getLdapType().name()));
fill(props, conf);
