Class AbstractLDAPStorageMapper
- java.lang.Object
-
- org.keycloak.storage.ldap.mappers.AbstractLDAPStorageMapper
-
- All Implemented Interfaces:
Provider,LDAPStorageMapper
- Direct Known Subclasses:
FullNameLDAPStorageMapper,GroupLDAPStorageMapper,HardcodedAttributeMapper,HardcodedLDAPAttributeMapper,HardcodedLDAPGroupStorageMapper,HardcodedLDAPRoleStorageMapper,MSADLDSUserAccountControlStorageMapper,MSADUserAccountControlStorageMapper,RoleLDAPStorageMapper,UserAttributeLDAPStorageMapper
public abstract class AbstractLDAPStorageMapper extends Object implements LDAPStorageMapper
Stateful per-request object- Author:
- Marek Posolda
-
-
Field Summary
Fields Modifier and Type Field Description protected LDAPStorageProviderldapProviderprotected ComponentModelmapperModelprotected KeycloakSessionsession
-
Constructor Summary
Constructors Constructor Description AbstractLDAPStorageMapper(ComponentModel mapperModel, LDAPStorageProvider ldapProvider)
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description voidclose()List<UserModel>getGroupMembers(RealmModel realm, GroupModel group, int firstResult, int maxResults)Return empty list if doesn't support storing of groupsLDAPStorageProvidergetLdapProvider()Gets the ldap provider associated to the mapper.List<UserModel>getRoleMembers(RealmModel realm, RoleModel role, int firstResult, int maxResults)Return empty list if doesn't support storing of rolesSet<String>mandatoryAttributeNames()Method that returns the mandatory attributes that this mapper imposes on the entry.booleanonAuthenticationFailure(LDAPObject ldapUser, UserModel user, AuthenticationException ldapException, RealmModel realm)Called when LDAP authentication of specified user fails.static booleanparseBooleanParameter(ComponentModel mapperModel, String paramName)SynchronizationResultsyncDataFromFederationProviderToKeycloak(RealmModel realm)Sync data from federated storage to Keycloak.SynchronizationResultsyncDataFromKeycloakToFederationProvider(RealmModel realm)Sync data from Keycloak back to federated storage-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.keycloak.storage.ldap.mappers.LDAPStorageMapper
beforeLDAPQuery, onImportUserFromLDAP, onRegisterUserToLDAP, proxy
-
-
-
-
Field Detail
-
session
protected final KeycloakSession session
-
mapperModel
protected final ComponentModel mapperModel
-
ldapProvider
protected final LDAPStorageProvider ldapProvider
-
-
Constructor Detail
-
AbstractLDAPStorageMapper
public AbstractLDAPStorageMapper(ComponentModel mapperModel, LDAPStorageProvider ldapProvider)
-
-
Method Detail
-
syncDataFromFederationProviderToKeycloak
public SynchronizationResult syncDataFromFederationProviderToKeycloak(RealmModel realm)
Description copied from interface:LDAPStorageMapperSync data from federated storage to Keycloak. It's useful just if mapper needs some data preloaded from federated storage (For example load roles from federated provider and sync them to Keycloak database) Applicable just if sync is supported- Specified by:
syncDataFromFederationProviderToKeycloakin interfaceLDAPStorageMapper
-
syncDataFromKeycloakToFederationProvider
public SynchronizationResult syncDataFromKeycloakToFederationProvider(RealmModel realm)
Description copied from interface:LDAPStorageMapperSync data from Keycloak back to federated storage- Specified by:
syncDataFromKeycloakToFederationProviderin interfaceLDAPStorageMapper
-
getGroupMembers
public List<UserModel> getGroupMembers(RealmModel realm, GroupModel group, int firstResult, int maxResults)
Description copied from interface:LDAPStorageMapperReturn empty list if doesn't support storing of groups- Specified by:
getGroupMembersin interfaceLDAPStorageMapper
-
getRoleMembers
public List<UserModel> getRoleMembers(RealmModel realm, RoleModel role, int firstResult, int maxResults)
Description copied from interface:LDAPStorageMapperReturn empty list if doesn't support storing of roles- Specified by:
getRoleMembersin interfaceLDAPStorageMapper- Returns:
-
onAuthenticationFailure
public boolean onAuthenticationFailure(LDAPObject ldapUser, UserModel user, AuthenticationException ldapException, RealmModel realm)
Description copied from interface:LDAPStorageMapperCalled when LDAP authentication of specified user fails. If any mapper returns true from this method, AuthenticationException won't be rethrown!- Specified by:
onAuthenticationFailurein interfaceLDAPStorageMapper- Returns:
- true if mapper processed the AuthenticationException and did some actions based on that. In that case, AuthenticationException won't be rethrown!
-
mandatoryAttributeNames
public Set<String> mandatoryAttributeNames()
Description copied from interface:LDAPStorageMapperMethod that returns the mandatory attributes that this mapper imposes on the entry.- Specified by:
mandatoryAttributeNamesin interfaceLDAPStorageMapper- Returns:
- The list of mandatory attributes or null
-
parseBooleanParameter
public static boolean parseBooleanParameter(ComponentModel mapperModel, String paramName)
-
getLdapProvider
public LDAPStorageProvider getLdapProvider()
Description copied from interface:LDAPStorageMapperGets the ldap provider associated to the mapper.- Specified by:
getLdapProviderin interfaceLDAPStorageMapper- Returns:
-
-