Package org.keycloak.storage.ldap.mappers.membership

Class UserRolesRetrieveStrategy.LoadRolesByMemberRecursively

java.lang.Object

org.keycloak.storage.ldap.mappers.membership.UserRolesRetrieveStrategy.LoadRolesByMember

org.keycloak.storage.ldap.mappers.membership.UserRolesRetrieveStrategy.LoadRolesByMemberRecursively

All Implemented Interfaces:

UserRolesRetrieveStrategy

Enclosing interface:

UserRolesRetrieveStrategy

public static class UserRolesRetrieveStrategy.LoadRolesByMemberRecursively
extends UserRolesRetrieveStrategy.LoadRolesByMember

Extension specific to Active Directory. Roles of user will be retrieved by sending LDAP query to retrieve all roles where "member" is our user. The query will be able to retrieve memberships recursively with usage of AD specific extension LDAP_MATCHING_RULE_IN_CHAIN, so likely doesn't work on other LDAP servers

Nested Class Summary

Nested classes/interfaces inherited from interface org.keycloak.storage.ldap.mappers.membership.UserRolesRetrieveStrategy

UserRolesRetrieveStrategy.GetRolesFromUserMemberOfAttribute, UserRolesRetrieveStrategy.LoadRolesByMember, UserRolesRetrieveStrategy.LoadRolesByMemberRecursively

Constructor Summary

Constructors

Constructor	Description
LoadRolesByMemberRecursively()

Method Summary

Modifier and Type	Method	Description
protected Condition	getMembershipCondition(String membershipAttr, String userMembership)

Methods inherited from class org.keycloak.storage.ldap.mappers.membership.UserRolesRetrieveStrategy.LoadRolesByMember

beforeUserLDAPQuery, getLDAPRoleMappings

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

LoadRolesByMemberRecursively

public LoadRolesByMemberRecursively()

Method Details

getMembershipCondition

protected Condition getMembershipCondition(String membershipAttr,
 String userMembership)

Overrides:

getMembershipCondition in class UserRolesRetrieveStrategy.LoadRolesByMember