jzheaux

Reputation: 7762

Removing the user's password from UnboundID LDAP search results

Using ApacheDS, I can do DefaultDirectoryService#setPasswordHidden to ensure that when I make LDAP queries, the records that come back remove the userPassword attribute from the result set.

How would I achieve the same using UnboundID, say with InMemoryDirectoryServer?

Upvotes: 0

Views: 248

Answers (1)

jzheaux

Reputation: 7762

I was able to achieve this by creating my own InMemoryOperationInterceptor:

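import java.util.Collection;
import java.util.stream.Collectors;

import com.unboundid.ldap.listener.interceptor.InMemoryInterceptedSearchEntry;
import com.unboundid.ldap.listener.interceptor.InMemoryOperationInterceptor;
import com.unboundid.ldap.sdk.Attribute;
import com.unboundid.ldap.sdk.Entry;

// Declared as a nested class of whatever class configures the server.
static class PasswordRemovingOperationInterceptor 
    extends InMemoryOperationInterceptor {

    // Called for each entry before it is returned to the client.
    @Override
    public void processSearchEntry(InMemoryInterceptedSearchEntry entry) {
        // Entries are left untouched when the client explicitly requested userPassword.
        if (!entry.getRequest().getAttributeList().contains("userPassword")) {
            if (entry.getSearchEntry().getAttribute("userPassword") != null) {
                Entry old = entry.getSearchEntry();
                // LDAP attribute names are case-insensitive, so compare
                // ignoring case; otherwise "USERPASSWORD" would slip through.
                Collection<Attribute> attributes = old.getAttributes().stream()
                    .filter(attribute -> 
                        !"userPassword".equalsIgnoreCase(attribute.getName()))
                    .collect(Collectors.toList());
                // The returned entry is replaced with a copy that has
                // the same DN and every attribute except the password.
                Entry withoutPassword = new Entry(old.getDN(), attributes);
                entry.setSearchEntry(withoutPassword);
            }
        }
    }
}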

And then adding this to the startup configuration:

InMemoryDirectoryServerConfig config = ...;
config.addInMemoryOperationInterceptor(new PasswordRemovingOperationInterceptor());

Is there a more elegant way, though?

Upvotes: 1
