Class AbstractLDAPStorageMapper
- java.lang.Object
  - org.keycloak.storage.ldap.mappers.AbstractLDAPStorageMapper

- All Implemented Interfaces: Provider, LDAPStorageMapper
- Direct Known Subclasses: FullNameLDAPStorageMapper, GroupLDAPStorageMapper, HardcodedAttributeMapper, HardcodedLDAPAttributeMapper, HardcodedLDAPGroupStorageMapper, HardcodedLDAPRoleStorageMapper, MSADLDSUserAccountControlStorageMapper, MSADUserAccountControlStorageMapper, RoleLDAPStorageMapper, UserAttributeLDAPStorageMapper

public abstract class AbstractLDAPStorageMapper extends Object implements LDAPStorageMapper

Stateful per-request object
- Author: Marek Posolda

Field Summary

| Modifier and Type | Field |
|---|---|
| protected LDAPStorageProvider | ldapProvider |
| protected ComponentModel | mapperModel |
| protected KeycloakSession | session |

Constructor Summary

| Constructor |
|---|
| AbstractLDAPStorageMapper(ComponentModel mapperModel, LDAPStorageProvider ldapProvider) |

Method Summary

| Modifier and Type | Method | Description |
|---|---|---|
| void | close() | |
| List<UserModel> | getGroupMembers(RealmModel realm, GroupModel group, int firstResult, int maxResults) | Return an empty list if the mapper doesn't support storing of groups. |
| LDAPStorageProvider | getLdapProvider() | Gets the LDAP provider associated with the mapper. |
| List<UserModel> | getRoleMembers(RealmModel realm, RoleModel role, int firstResult, int maxResults) | Return an empty list if the mapper doesn't support storing of roles. |
| Set<String> | mandatoryAttributeNames() | Method that returns the mandatory attributes that this mapper imposes on the entry. |
| boolean | onAuthenticationFailure(LDAPObject ldapUser, UserModel user, AuthenticationException ldapException, RealmModel realm) | Called when LDAP authentication of the specified user fails. |
| static boolean | parseBooleanParameter(ComponentModel mapperModel, String paramName) | |
| SynchronizationResult | syncDataFromFederationProviderToKeycloak(RealmModel realm) | Sync data from federated storage to Keycloak. |
| SynchronizationResult | syncDataFromKeycloakToFederationProvider(RealmModel realm) | Sync data from Keycloak back to federated storage. |

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.keycloak.storage.ldap.mappers.LDAPStorageMapper
beforeLDAPQuery, onImportUserFromLDAP, onRegisterUserToLDAP, proxy

Field Detail

session
protected final KeycloakSession session

mapperModel
protected final ComponentModel mapperModel

ldapProvider
protected final LDAPStorageProvider ldapProvider

Constructor Detail

AbstractLDAPStorageMapper
public AbstractLDAPStorageMapper(ComponentModel mapperModel, LDAPStorageProvider ldapProvider)

Method Detail

syncDataFromFederationProviderToKeycloak
public SynchronizationResult syncDataFromFederationProviderToKeycloak(RealmModel realm)
Description copied from interface: LDAPStorageMapper
Sync data from federated storage to Keycloak. This is useful only if the mapper needs some data preloaded from federated storage (for example, to load roles from the federated provider and sync them to the Keycloak database). Applicable only if sync is supported.
- Specified by: syncDataFromFederationProviderToKeycloak in interface LDAPStorageMapper

syncDataFromKeycloakToFederationProvider
public SynchronizationResult syncDataFromKeycloakToFederationProvider(RealmModel realm)
Description copied from interface: LDAPStorageMapper
Sync data from Keycloak back to federated storage.
- Specified by: syncDataFromKeycloakToFederationProvider in interface LDAPStorageMapper

getGroupMembers
public List<UserModel> getGroupMembers(RealmModel realm, GroupModel group, int firstResult, int maxResults)
Description copied from interface: LDAPStorageMapper
Return an empty list if the mapper doesn't support storing of groups.
- Specified by: getGroupMembers in interface LDAPStorageMapper

getRoleMembers
public List<UserModel> getRoleMembers(RealmModel realm, RoleModel role, int firstResult, int maxResults)
Description copied from interface: LDAPStorageMapper
Return an empty list if the mapper doesn't support storing of roles.
- Specified by: getRoleMembers in interface LDAPStorageMapper
- Returns:

onAuthenticationFailure
public boolean onAuthenticationFailure(LDAPObject ldapUser, UserModel user, AuthenticationException ldapException, RealmModel realm)
Description copied from interface: LDAPStorageMapper
Called when LDAP authentication of the specified user fails. If any mapper returns true from this method, the AuthenticationException won't be rethrown!
- Specified by: onAuthenticationFailure in interface LDAPStorageMapper
- Returns: true if the mapper processed the AuthenticationException and took some action based on it. In that case, the AuthenticationException won't be rethrown!

mandatoryAttributeNames
public Set<String> mandatoryAttributeNames()
Description copied from interface: LDAPStorageMapper
Method that returns the mandatory attributes that this mapper imposes on the entry.
- Specified by: mandatoryAttributeNames in interface LDAPStorageMapper
- Returns: The list of mandatory attributes or null

parseBooleanParameter
public static boolean parseBooleanParameter(ComponentModel mapperModel, String paramName)

getLdapProvider
public LDAPStorageProvider getLdapProvider()
Description copied from interface: LDAPStorageMapper
Gets the LDAP provider associated with the mapper.
- Specified by: getLdapProvider in interface LDAPStorageMapper
- Returns: