// <copyright file="LdapMapping.cs" company="Visualisierungsinstitut der Universität Stuttgart">
// Copyright © 2021 - 2024 Visualisierungsinstitut der Universität Stuttgart.
// Licensed under the MIT licence. See LICENCE file for details.
// </copyright>
// <author>Christoph Müller</author>
using System;
namespace Visus.DirectoryAuthentication {
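/// <summary>
/// Stores global LDAP mappings for a specific schema.
/// </summary>
/// <remarks>
/// <para>The class is a plain settings holder: every property is a
/// read/write string (or string array) naming an LDAP attribute, a search
/// filter or a converter type. Nothing is validated when a value is
/// assigned.</para>
/// </remarks>
public sealed class LdapMapping {

    /// <summary>
    /// Gets or sets the name of the attribute where the distinguished
    /// name of an object is stored.
    /// </summary>
    public string DistinguishedNameAttribute { get; set; }

    /// <summary>
    /// Gets or sets the attribute where (non-primary) groups are stored.
    /// </summary>
    /// <remarks>
    /// <para>For an Active Directory, this is typically something like
    /// "memberOf".</para>
    /// </remarks>
    public string GroupsAttribute { get; set; }

    /// <summary>
    /// Gets or sets the name of the attribute where the unique identity of
    /// a group is stored.
    /// </summary>
    /// <remarks>
    /// <para>For an Active Directory, this is typically the SID stored in
    /// "objectSid".</para>
    /// </remarks>
    public string GroupIdentityAttribute { get; set; }

    /// <summary>
    /// Gets or sets the type name of a value converter that is used to
    /// convert the <see cref="GroupIdentityAttribute"/>.
    /// </summary>
    /// <remarks>
    /// <para>The name is resolved with <see cref="Type.GetType(string)"/>
    /// and the resulting type is instantiated through its parameterless
    /// constructor by <see cref="GetGroupIdentityConverter"/>. The value
    /// therefore selects code that will run in the process and should only
    /// come from trusted configuration.</para>
    /// </remarks>
    public string GroupIdentityConverter { get; set; }

    /// <summary>
    /// Gets or sets the attribute where the primary group identity is
    /// stored.
    /// </summary>
    /// <remarks>
    /// <para>For an Active Directory, this is typically something like
    /// "primaryGroupID".</para>
    /// </remarks>
    public string PrimaryGroupAttribute { get; set; }

    /// <summary>
    /// Gets or sets the attributes that are required to retrieve
    /// (transitive) group memberships.
    /// </summary>
    /// <remarks>
    /// <para>If no value has been set, the getter builds a new array from
    /// <see cref="DistinguishedNameAttribute"/>,
    /// <see cref="GroupIdentityAttribute"/>,
    /// <see cref="GroupsAttribute"/> and
    /// <see cref="PrimaryGroupAttribute"/> on every call. Properties that
    /// have not been configured appear as <c>null</c> entries in that
    /// array.</para>
    /// </remarks>
    public string[] RequiredGroupAttributes {
        get => this._requiredGroupAttributes ?? new[] {
            this.DistinguishedNameAttribute,
            this.GroupIdentityAttribute,
            this.GroupsAttribute,
            this.PrimaryGroupAttribute
        };
        set => this._requiredGroupAttributes = value;
    }

    /// <summary>
    /// Gets or sets the filter to identify a single user by the user name.
    /// </summary>
    /// <remarks>
    /// <para>This must include a format string "{0}" where the
    /// user name should be inserted.</para>
    /// <para>For an Active Directory, this is typically something like
    /// "(sAMAccountName={0})".</para>
    /// <para>This class only stores the template; the code that formats
    /// the user name into it is not part of this file. Because the result
    /// is an LDAP search filter, that code should escape the filter
    /// metacharacters defined in RFC 4515 in the user name before
    /// inserting it.</para>
    /// </remarks>
    public string UserFilter { get; set; }

    /// <summary>
    /// Gets or sets the filter used to identify user entries in the
    /// directory.
    /// </summary>
    /// <remarks>
    /// For an Active Directory, this is typically something like
    /// "(&amp;(objectClass=user)(objectClass=person)(!(objectClass=computer)))".
    /// </remarks>
    public string UsersFilter { get; set; }

    #region Public methods
    /// <summary>
    /// Gets an instance of <see cref="GroupIdentityConverter"/>.
    /// </summary>
    /// <remarks>
    /// <para>The configured type is only instantiated if it implements
    /// <see cref="ILdapAttributeConverter"/>, so a type name that resolves
    /// to an unrelated class does not get its constructor executed.</para>
    /// </remarks>
    /// <returns>The converter if a valid one was configured, <c>null</c>
    /// otherwise.</returns>
    internal ILdapAttributeConverter GetGroupIdentityConverter() {
        // No converter configured: answer directly instead of relying on
        // an exception from the type lookup.
        if (string.IsNullOrWhiteSpace(this.GroupIdentityConverter)) {
            return null;
        }

        try {
            var type = Type.GetType(this.GroupIdentityConverter);

            // Check the contract before creating the instance. Casting
            // after construction would already have run the constructor
            // of whatever type the configuration named.
            if ((type == null)
                    || !typeof(ILdapAttributeConverter).IsAssignableFrom(type)) {
                return null;
            }

            return Activator.CreateInstance(type) as ILdapAttributeConverter;
        } catch (Exception) {
            // Deliberate best effort: a type that cannot be loaded or
            // constructed is reported as "no converter", as documented in
            // the return value.
            return null;
        }
    }
    #endregion

    #region Private fields
    private string[] _requiredGroupAttributes;
    #endregion
}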
}