Authenticator (ApacheDS 2.0.0-M21 API)

All Known Implementing Classes:

AbstractAuthenticator, AnonymousAuthenticator, DelegatingAuthenticator, SimpleAuthenticator, StrongAuthenticator
```
public interface Authenticator
```
Authenticates users who access DefaultPartitionNexus.
Authenticators are registered to and configured by AuthenticationInterceptor interceptor.
AuthenticationInterceptor authenticates users by calling authenticate(BindOperationContext), and then Authenticator checks JNDI Context environment properties (Context#SECURITY_PRINCIPAL and Context#SECURITY_CREDENTIALS) of current Context.

Author:

Apache Directory Project

See Also:

AbstractAuthenticator

Method Summary

All Methods Instance Methods Abstract Methods
Modifier and Type	Method and Description
`LdapPrincipal`	`authenticate(BindOperationContext bindContext)` Performs authentication and returns the principal if succeeded.
`void`	`checkPwdPolicy(org.apache.directory.api.ldap.model.entry.Entry userEntry)` performs checks on the given entry based on the specified password policy configuration
`void`	`destroy()` Called by `AuthenticationInterceptor` to indicate that this authenticator is being removed from service.
`org.apache.directory.api.ldap.model.constants.AuthenticationLevel`	`getAuthenticatorType()` Returns the type of this authenticator (e.g.
`org.apache.directory.api.ldap.model.name.Dn`	`getBaseDn()`
`void`	`init(DirectoryService directoryService)` Called by `AuthenticationInterceptor` to indicate that this authenticator is being placed into service.
`void`	`invalidateCache(org.apache.directory.api.ldap.model.name.Dn bindDn)` Callback used to respond to password changes by invalidating a password cache if implemented.
`boolean`	`isValid(org.apache.directory.api.ldap.model.name.Dn bindDn)` Check that this selector is a valid one.
`void`	`setBaseDn(org.apache.directory.api.ldap.model.name.Dn baseDn)` Set the baseDN into the Authenticator

- Method Detail
  - getAuthenticatorType
```
org.apache.directory.api.ldap.model.constants.AuthenticationLevel getAuthenticatorType()
```
    Returns the type of this authenticator (e.g. 'simple', 'none',...).
  - init
```
void init(DirectoryService directoryService)
   throws org.apache.directory.api.ldap.model.exception.LdapException
```
    Called by AuthenticationInterceptor to indicate that this authenticator is being placed into service.
    
    Throws:
    
    org.apache.directory.api.ldap.model.exception.LdapException
  - destroy
```
void destroy()
```
    Called by AuthenticationInterceptor to indicate that this authenticator is being removed from service.
  - invalidateCache
```
void invalidateCache(org.apache.directory.api.ldap.model.name.Dn bindDn)
```
    Callback used to respond to password changes by invalidating a password cache if implemented. This is an additional feature of an authenticator which need not be implemented: empty implementation is sufficient. This is called on every del, modify, and modifyRdn operation.
    
    Parameters:
    
    bindDn - the already normalized distinguished name of the bind principal
  - authenticate
```
LdapPrincipal authenticate(BindOperationContext bindContext)
                    throws Exception
```
    Performs authentication and returns the principal if succeeded.
    
    Parameters:
    
    bindContext - The Bind context
    
    Throws:
    
    If - the authentication failed
    
    Exception
  - checkPwdPolicy
```
void checkPwdPolicy(org.apache.directory.api.ldap.model.entry.Entry userEntry)
             throws org.apache.directory.api.ldap.model.exception.LdapException
```
    performs checks on the given entry based on the specified password policy configuration
    
    Parameters:
    
    userEntry - the user entry to be checked for authentication
    
    Throws:
    
    PasswordPolicyException
    
    org.apache.directory.api.ldap.model.exception.LdapException
  - isValid
```
boolean isValid(org.apache.directory.api.ldap.model.name.Dn bindDn)
```
    Check that this selector is a valid one. The DN we want to authenticate has to be part of the DIT selection associated with teh Authenticator
    
    Parameters:
    
    bindDn - The DN we want to authenticate
    
    Returns:
    
    true if the Auhenticator is supporting the DN
  - getBaseDn
```
org.apache.directory.api.ldap.model.name.Dn getBaseDn()
```
    Returns:
    
    The Authenticator base DN
  - setBaseDn
```
void setBaseDn(org.apache.directory.api.ldap.model.name.Dn baseDn)
```
    Set the baseDN into the Authenticator
    
    Parameters:
    
    baseDn - The Base DN to set

Interface Authenticator

Method Summary

Method Detail

getAuthenticatorType

init

destroy

invalidateCache

authenticate

checkPwdPolicy

isValid

getBaseDn

setBaseDn