Class UserAttributeLDAPStorageMapper
- java.lang.Object
  - org.keycloak.storage.ldap.mappers.AbstractLDAPStorageMapper
    - org.keycloak.storage.ldap.mappers.UserAttributeLDAPStorageMapper
- All Implemented Interfaces: Provider, LDAPStorageMapper
- Direct Known Subclasses: CertificateLDAPStorageMapper
public class UserAttributeLDAPStorageMapper extends AbstractLDAPStorageMapper
- Author: Marek Posolda
Field Summary
Fields (modifier and type, field):
- static String ALWAYS_READ_VALUE_FROM_LDAP
- static String ATTRIBUTE_DEFAULT_VALUE
- static String FORCE_DEFAULT_VALUE
- static String IS_BINARY_ATTRIBUTE
- static String IS_MANDATORY_IN_LDAP
- static String LDAP_ATTRIBUTE
- static String READ_ONLY
- static String USER_MODEL_ATTRIBUTE
-
Fields inherited from class org.keycloak.storage.ldap.mappers.AbstractLDAPStorageMapper
ldapProvider, mapperModel, session
-
-
Constructor Summary
Constructors:
- UserAttributeLDAPStorageMapper(ComponentModel mapperModel, LDAPStorageProvider ldapProvider)
-
Method Summary
Methods (modifier and type, method, description):
- void beforeLDAPQuery(LDAPQuery query): Called before the LDAP identity query that retrieves LDAP users is executed.
- protected void checkDuplicateEmail(String userModelAttrName, String email, RealmModel realm, KeycloakSession session, UserModel user)
- protected void checkDuplicateUsername(String userModelAttrName, String username, RealmModel realm, KeycloakSession session, UserModel user)
- Set<String> mandatoryAttributeNames(): Method that returns the mandatory attributes that this mapper imposes on the entry.
- void onImportUserFromLDAP(LDAPObject ldapUser, UserModel user, RealmModel realm, boolean isCreate): Called when importing a user from LDAP into the local Keycloak DB.
- void onRegisterUserToLDAP(LDAPObject ldapUser, UserModel localUser, RealmModel realm): Called when registering a new user to LDAP, just after the user was created in the Keycloak DB.
- UserModel proxy(LDAPObject ldapUser, UserModel delegate, RealmModel realm): Called when proxy is invoked on the LDAP federation provider.
- protected void setPropertyOnUserModel(Property<Object> userModelProperty, UserModel user, String ldapAttrValue)
-
Methods inherited from class org.keycloak.storage.ldap.mappers.AbstractLDAPStorageMapper
close, getGroupMembers, getLdapProvider, getRoleMembers, onAuthenticationFailure, parseBooleanParameter, syncDataFromFederationProviderToKeycloak, syncDataFromKeycloakToFederationProvider
-
-
-
-
Field Detail
-
USER_MODEL_ATTRIBUTE
public static final String USER_MODEL_ATTRIBUTE
- See Also:
- Constant Field Values
-
LDAP_ATTRIBUTE
public static final String LDAP_ATTRIBUTE
- See Also:
- Constant Field Values
-
READ_ONLY
public static final String READ_ONLY
- See Also:
- Constant Field Values
-
ALWAYS_READ_VALUE_FROM_LDAP
public static final String ALWAYS_READ_VALUE_FROM_LDAP
- See Also:
- Constant Field Values
-
IS_MANDATORY_IN_LDAP
public static final String IS_MANDATORY_IN_LDAP
- See Also:
- Constant Field Values
-
IS_BINARY_ATTRIBUTE
public static final String IS_BINARY_ATTRIBUTE
- See Also:
- Constant Field Values
-
ATTRIBUTE_DEFAULT_VALUE
public static final String ATTRIBUTE_DEFAULT_VALUE
- See Also:
- Constant Field Values
-
FORCE_DEFAULT_VALUE
public static final String FORCE_DEFAULT_VALUE
- See Also:
- Constant Field Values
-
-
Constructor Detail
-
UserAttributeLDAPStorageMapper
public UserAttributeLDAPStorageMapper(ComponentModel mapperModel, LDAPStorageProvider ldapProvider)
-
-
Method Detail
-
onImportUserFromLDAP
public void onImportUserFromLDAP(LDAPObject ldapUser, UserModel user, RealmModel realm, boolean isCreate)
Description copied from interface: LDAPStorageMapper
Called when importing a user from LDAP into the local Keycloak DB.
- isCreate - true if we are importing a new user from LDAP; false if the user already exists in Keycloak and we are upgrading (syncing) it from LDAP
-
onRegisterUserToLDAP
public void onRegisterUserToLDAP(LDAPObject ldapUser, UserModel localUser, RealmModel realm)
Description copied from interface: LDAPStorageMapper
Called when registering a new user to LDAP, just after the user was created in the Keycloak DB
-
mandatoryAttributeNames
public Set<String> mandatoryAttributeNames()
Description copied from interface: LDAPStorageMapper
Method that returns the mandatory attributes that this mapper imposes on the entry.
- Specified by: mandatoryAttributeNames in interface LDAPStorageMapper
- Overrides: mandatoryAttributeNames in class AbstractLDAPStorageMapper
- Returns: The list of mandatory attributes or null
-
checkDuplicateEmail
protected void checkDuplicateEmail(String userModelAttrName, String email, RealmModel realm, KeycloakSession session, UserModel user)
-
checkDuplicateUsername
protected void checkDuplicateUsername(String userModelAttrName, String username, RealmModel realm, KeycloakSession session, UserModel user)
-
proxy
public UserModel proxy(LDAPObject ldapUser, UserModel delegate, RealmModel realm)
Description copied from interface: LDAPStorageMapper
Called when proxy is invoked on the LDAP federation provider
- Returns:
-
beforeLDAPQuery
public void beforeLDAPQuery(LDAPQuery query)
Description copied from interface: LDAPStorageMapper
Called before the LDAP identity query that retrieves LDAP users is executed. It allows the query to be changed (adding returning attributes from LDAP, changing conditions, etc.)
-
-