LdapUserLookup

Overview

LdapUserLookup is a class that uses the LdapClient for authentication. It is a thread-safe wrapper that finds the DN for a given username, validates the password and returns a list of groups this user is in.

Location

 

constructor .NET, .NET Core 5.0, .NET Standard 2.0, Island

Creates a new instance of this class.

 

constructor

 

LdapUserLookup()

 

init()

 

Sub New()

AfterConnect

Triggered just after the connection has been established. The parameter will provide access to the LdapClient object.

 

// .NET, .NET Core 5.0, .NET Standard 2.0
event AfterConnect: EventHandler<LdapEventArgs>
// Island
event AfterConnect: EventHandler

 

// .NET, .NET Core 5.0, .NET Standard 2.0
delegate EventHandler<LdapEventArgs> AfterConnect()
// Island
delegate EventHandler AfterConnect()

 

// .NET, .NET Core 5.0, .NET Standard 2.0
__event EventHandler<LdapEventArgs>: AfterConnect!
// Island, Toffee
__event EventHandler: AfterConnect!

 

// .NET, .NET Core 5.0, .NET Standard 2.0
Event AfterConnect As EventHandler<LdapEventArgs>
// Island
Event AfterConnect As EventHandler

BeforeConnect

Triggered just before a connection is made. The parameter will provide access to the LdapClient object.

 

// .NET, .NET Core 5.0, .NET Standard 2.0
event BeforeConnect: EventHandler<LdapEventArgs>
// Island
event BeforeConnect: EventHandler

 

// .NET, .NET Core 5.0, .NET Standard 2.0
delegate EventHandler<LdapEventArgs> BeforeConnect()
// Island
delegate EventHandler BeforeConnect()

 

// .NET, .NET Core 5.0, .NET Standard 2.0
__event EventHandler<LdapEventArgs>: BeforeConnect!
// Island, Toffee
__event EventHandler: BeforeConnect!

 

// .NET, .NET Core 5.0, .NET Standard 2.0
Event BeforeConnect As EventHandler<LdapEventArgs>
// Island
Event BeforeConnect As EventHandler

Disconnected

Triggered just after the LdapClient disconnects.

 

// .NET, .NET Core 5.0, .NET Standard 2.0
event Disconnected: EventHandler<LdapEventArgs>
// Island
event Disconnected: EventHandler

 

// .NET, .NET Core 5.0, .NET Standard 2.0
delegate EventHandler<LdapEventArgs> Disconnected()
// Island
delegate EventHandler Disconnected()

 

// .NET, .NET Core 5.0, .NET Standard 2.0
__event EventHandler<LdapEventArgs>: Disconnected!
// Island, Toffee
__event EventHandler: Disconnected!

 

// .NET, .NET Core 5.0, .NET Standard 2.0
Event Disconnected As EventHandler<LdapEventArgs>
// Island
Event Disconnected As EventHandler

Dispose  protected virtual    (declared in Component) Island, Toffee

 

method Dispose(disposing: Boolean)

 

void Dispose(Boolean disposing)

 

func Dispose(_ disposing: Boolean)

 

Sub Dispose(disposing As Boolean)

Parameters:

  • disposing:

GroupFilter  virtual

Filter to use for finding groups a user is in. The default value is "(objectClass=groupOfNames)". groupOfNames and groupOfUniqueNames are supported.

 

property GroupFilter: String read write;

 

String GroupFilter { get; set; }

 

var GroupFilter: String { get{} set{} }

 

Property GroupFilter() As String

GroupMemberField  virtual

Contains the attribute name of the Ldap group object that will contain the DN for a user. By default, this is "member".

 

property GroupMemberField: String read write;

 

String GroupMemberField { get; set; }

 

var GroupMemberField: String { get{} set{} }

 

Property GroupMemberField() As String

GroupNameField  virtual

Contains the attribute name of the Ldap group object that will contain the name of the group. The default value is "cn".

 

property GroupNameField: String read write;

 

String GroupNameField { get; set; }

 

var GroupNameField: String { get{} set{} }

 

Property GroupNameField() As String

GroupSearchBase  virtual

The search base for the groups to search for a user.

 

property GroupSearchBase: String read write;

 

String GroupSearchBase { get; set; }

 

var GroupSearchBase: String { get{} set{} }

 

Property GroupSearchBase() As String

Hostname  virtual

The target hostname.

 

property Hostname: String read write;

 

String Hostname { get; set; }

 

var Hostname: String { get{} set{} }

 

Property Hostname() As String

Login  virtual

Tries to log in a user. The result will be nil if the user cannot be found. Otherwise the resulting class contains:

  • Username: Name of the user
  • DN: Full distinguished name of the Ldap user object
  • UserObject: Details about this user, contains the full user record
  • GroupMembership: Groups this user is a member of

 

method Login(username: String; password: String): LookupResults

 

LookupResults Login(String username, String password)

 

func Login(_ username: String, _ password: String) -> LookupResults

 

Function Login(username As String, password As String) As LookupResults

Parameters:

  • username: Username of this user (note: this is not the DN, it's generally the uid used by Ldap).
  • password: Password this user used to log in; null or empty will not be accepted as valid even if the user has an empty password.

LookupDN  virtual

Username used to look up users. This login name should have access to all users and all groups as it's used to resolve the DN for a username and return the group list.

 

property LookupDN: String read write;

 

String LookupDN { get; set; }

 

var LookupDN: String { get{} set{} }

 

Property LookupDN() As String

LookupPassword  virtual

Contains the password associated with the LookupDN account.

 

property LookupPassword: String read write;

 

String LookupPassword { get; set; }

 

var LookupPassword: String { get{} set{} }

 

Property LookupPassword() As String

Port  virtual

Port to connect to.

 

property Port: Int32 read write;

 

Int32 Port { get; set; }

 

var Port: Int32 { get{} set{} }

 

Property Port() As Int32

SearchGroups  virtual

When true, the LdapUserLookup will look up the groups that the user being authenticated is a member of. By default, this property is set to true.

 

property SearchGroups: Boolean read write;

 

Boolean SearchGroups { get; set; }

 

var SearchGroups: Boolean { get{} set{} }

 

Property SearchGroups() As Boolean

SearchSubTree  virtual

When true, it will recurse into sub trees during the search for users and groups. By default, this property is set to true.

 

property SearchSubTree: Boolean read write;

 

Boolean SearchSubTree { get; set; }

 

var SearchSubTree: Boolean { get{} set{} }

 

Property SearchSubTree() As Boolean

StripGroupBaseDN  virtual

When false, the list of groups a user is a member of will contain the full DN of each group. When true, the group base is stripped from the DN and only the name of the group is returned, prefixed by the names of any containers between the group and the group base.

  • GroupBase: ou=groups,cn=company,cn=com
  • Item: cn=mygroup,ou=groups,cn=company,cn=com
    ** returns: "mygroup"
  • Item: cn=mygroup,ou=list,ou=groups,cn=company,cn=com
    ** returns: "list.mygroup"

False by default.

 

property StripGroupBaseDN: Boolean read write;

 

Boolean StripGroupBaseDN { get; set; }

 

var StripGroupBaseDN: Boolean { get{} set{} }

 

Property StripGroupBaseDN() As Boolean
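
The mapping described above, modelled in Python as an added example (not the library's own code and not part of the original reference). It assumes that a group DN outside the group base is returned unchanged and that DNs compare case-insensitively; the function names and the last two sample DNs are constructed. It also reports short names that more than one DN maps to, which is worth checking before stripped names are used in access rules.

```python
from collections import defaultdict

def split_rdns(dn):
    """Split a DN into RDNs on commas that are not backslash-escaped."""
    parts, cur, escaped = [], [], False
    for ch in dn:
        if ch == "," and not escaped:
            parts.append("".join(cur).strip())
            cur = []
        else:
            cur.append(ch)
        escaped = (ch == "\\") and not escaped
    parts.append("".join(cur).strip())
    return [p for p in parts if p]

def strip_group_base(group_dn, group_base):
    """Model of StripGroupBaseDN = true, as documented on this page."""
    rdns, base = split_rdns(group_dn), split_rdns(group_base)
    lower = lambda items: [i.lower() for i in items]
    # Assumption: a DN that is not below the group base is returned unchanged.
    if not base or len(rdns) <= len(base) or lower(rdns[-len(base):]) != lower(base):
        return group_dn
    # Keep only the attribute values of the RDNs left of the base,
    # outermost container first, joined with dots.
    values = [rdn.partition("=")[2] for rdn in rdns[:-len(base)]]
    return ".".join(reversed(values))

def ambiguous_short_names(group_dns, group_base):
    """Return short names that more than one distinct group DN maps to."""
    seen = defaultdict(set)
    for dn in group_dns:
        seen[strip_group_base(dn, group_base)].add(dn.lower())
    return {name: sorted(dns) for name, dns in seen.items() if len(dns) > 1}

GROUP_BASE = "ou=groups,cn=company,cn=com"
# The first two DNs are the page's examples; the last two are constructed.
SAMPLE_DNS = [
    "cn=mygroup,ou=groups,cn=company,cn=com",
    "cn=mygroup,ou=list,ou=groups,cn=company,cn=com",
    "cn=list.mygroup,ou=groups,cn=company,cn=com",
    "cn=admins,ou=other,cn=company,cn=com",
]

if __name__ == "__main__":
    for dn in SAMPLE_DNS:
        print(dn, "->", strip_group_base(dn, GROUP_BASE))
    print("ambiguous:", ambiguous_short_names(SAMPLE_DNS, GROUP_BASE))
```

In this model a cn that itself contains a dot yields the same short name as a nested group, so the full DN is the safer key when group membership drives authorization.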

UserFilter  virtual

Ldap filter to use when looking up a user. Defaults to "(objectClass=inetOrgPerson)".

 

property UserFilter: String read write;

 

String UserFilter { get; set; }

 

var UserFilter: String { get{} set{} }

 

Property UserFilter() As String

UserNameField  virtual

Contains the Ldap field with the username. Defaults to "uid".

 

property UserNameField: String read write;

 

String UserNameField { get; set; }

 

var UserNameField: String { get{} set{} }

 

Property UserNameField() As String

UserSearchBase  virtual

Search base to start searching for a user.

 

property UserSearchBase: String read write;

 

String UserSearchBase { get; set; }

 

var UserSearchBase: String { get{} set{} }

 

Property UserSearchBase() As String

UseStartTLS  virtual

When true, the Ldap client will try to initialize TLS after connecting.

 

property UseStartTLS: Boolean read write;

 

Boolean UseStartTLS { get; set; }

 

var UseStartTLS: Boolean { get{} set{} }

 

Property UseStartTLS() As Boolean

 
