Module org.elasticsearch.security
Class LdapSessionFactory
java.lang.Object
org.elasticsearch.xpack.security.authc.ldap.support.SessionFactory
org.elasticsearch.xpack.security.authc.ldap.LdapSessionFactory
- All Implemented Interfaces:
Closeable,AutoCloseable,ReloadableSecurityComponent
This factory creates LDAP connections via iterating through user templates.
Note that even though there is a separate factory for Active Directory, this factory would work against AD. A template
for each user context would need to be supplied.
-
Nested Class Summary
Nested classes/interfaces inherited from class org.elasticsearch.xpack.security.authc.ldap.support.SessionFactory
SessionFactory.LDAPServers -
Field Summary
Fields inherited from class org.elasticsearch.xpack.security.authc.ldap.support.SessionFactory
config, ignoreReferralErrors, logger, metadataResolver, serverSet, sslService, sslUsed, threadPool, timeout -
Constructor Summary
ConstructorsConstructorDescriptionLdapSessionFactory(RealmConfig config, SSLService sslService, ThreadPool threadPool) -
Method Summary
Modifier and TypeMethodDescriptionvoidCalled when a reload security settings action is executed.voidsession(String username, SecureString password, ActionListener<LdapSession> listener) This iterates through the configured user templates attempting to open.Methods inherited from class org.elasticsearch.xpack.security.authc.ldap.support.SessionFactory
close, connectionOptions, getDefaultLdapUrls, isSslUsed, supportsUnauthenticatedSession, unauthenticatedSession
-
Constructor Details
-
LdapSessionFactory
-
-
Method Details
-
session
This iterates through the configured user templates attempting to open. If all attempts fail, the last exception is kept as the cause of the thrown exception- Specified by:
sessionin classSessionFactory- Parameters:
username- a relative name, Not a distinguished name, that will be inserted into the template.password- The password of the userlistener- the listener to call on a failure or result
-
reload
Description copied from interface:ReloadableSecurityComponentCalled when a reload security settings action is executed. The reload operation must be completed when this method returns. Strictly speaking, thesettingsargument should not be accessed outside of this method's call stack, as any values stored in the node's keystore (seeSecureSetting) will not otherwise be retrievable.There is no guarantee that the secure setting's values have actually changed. Hence, it's up to implementor to detect if the actual internal reloading is necessary.
Any failure during the reloading should be signaled by raising an exception.
For additional info, see also:
ReloadablePlugin.reload(Settings).- Parameters:
settings- Settings include the initial node's settings and all decrypted secure settings from the keystore. Absence of a particular secure setting may mean that the setting was either never configured or that it was simply removed.
-