LDAPStorageMapper (Keycloak Docs Distribution 11.0.3 API)

All Superinterfaces:

Provider

All Known Implementing Classes:

AbstractLDAPStorageMapper, CertificateLDAPStorageMapper, FullNameLDAPStorageMapper, GroupLDAPStorageMapper, HardcodedAttributeMapper, HardcodedLDAPAttributeMapper, HardcodedLDAPGroupStorageMapper, HardcodedLDAPRoleStorageMapper, MSADLDSUserAccountControlStorageMapper, MSADUserAccountControlStorageMapper, RoleLDAPStorageMapper, UserAttributeLDAPStorageMapper
```
public interface LDAPStorageMapper
extends Provider
```
Author:

Marek Posolda

Method Summary

All Methods Instance Methods Abstract Methods
Modifier and Type	Method and Description
`void`	`beforeLDAPQuery(LDAPQuery query)` Called before LDAP Identity query for retrieve LDAP users was executed.
`List<UserModel>`	`getGroupMembers(RealmModel realm, GroupModel group, int firstResult, int maxResults)` Return empty list if doesn't support storing of groups
`boolean`	`onAuthenticationFailure(LDAPObject ldapUser, UserModel user, AuthenticationException ldapException, RealmModel realm)` Called when LDAP authentication of specified user fails.
`void`	`onImportUserFromLDAP(LDAPObject ldapUser, UserModel user, RealmModel realm, boolean isCreate)` Called when importing user from LDAP to local keycloak DB.
`void`	`onRegisterUserToLDAP(LDAPObject ldapUser, UserModel localUser, RealmModel realm)` Called when register new user to LDAP - just after user was created in Keycloak DB
`UserModel`	`proxy(LDAPObject ldapUser, UserModel delegate, RealmModel realm)` Called when invoke proxy on LDAP federation provider
`SynchronizationResult`	`syncDataFromFederationProviderToKeycloak(RealmModel realm)` Sync data from federated storage to Keycloak.
`SynchronizationResult`	`syncDataFromKeycloakToFederationProvider(RealmModel realm)` Sync data from Keycloak back to federated storage

Methods inherited from interface org.keycloak.provider.Provider
close

- Method Detail
  - syncDataFromFederationProviderToKeycloak
```
SynchronizationResult syncDataFromFederationProviderToKeycloak(RealmModel realm)
```
    Sync data from federated storage to Keycloak. It's useful just if mapper needs some data preloaded from federated storage (For example load roles from federated provider and sync them to Keycloak database) Applicable just if sync is supported
  - syncDataFromKeycloakToFederationProvider
```
SynchronizationResult syncDataFromKeycloakToFederationProvider(RealmModel realm)
```
    Sync data from Keycloak back to federated storage
  - getGroupMembers
```
List<UserModel> getGroupMembers(RealmModel realm,
                                GroupModel group,
                                int firstResult,
                                int maxResults)
```
    Return empty list if doesn't support storing of groups
  - onImportUserFromLDAP
```
void onImportUserFromLDAP(LDAPObject ldapUser,
                          UserModel user,
                          RealmModel realm,
                          boolean isCreate)
```
    Called when importing user from LDAP to local keycloak DB.
    
    Parameters:
    
    ldapUser -
    
    user -
    
    realm -
    
    isCreate - true if we importing new user from LDAP. False if user already exists in Keycloak, but we are upgrading (syncing) it from LDAP
  - onRegisterUserToLDAP
```
void onRegisterUserToLDAP(LDAPObject ldapUser,
                          UserModel localUser,
                          RealmModel realm)
```
    Called when register new user to LDAP - just after user was created in Keycloak DB
    
    Parameters:
    
    ldapUser -
    
    localUser -
    
    realm -
  - proxy
```
UserModel proxy(LDAPObject ldapUser,
                UserModel delegate,
                RealmModel realm)
```
    Called when invoke proxy on LDAP federation provider
    
    Parameters:
    
    ldapUser -
    
    delegate -
    
    realm -
    
    Returns:
  - beforeLDAPQuery
```
void beforeLDAPQuery(LDAPQuery query)
```
    Called before LDAP Identity query for retrieve LDAP users was executed. It allows to change query somehow (add returning attributes from LDAP, change conditions etc)
    
    Parameters:
    
    query -
  - onAuthenticationFailure
```
boolean onAuthenticationFailure(LDAPObject ldapUser,
                                UserModel user,
                                AuthenticationException ldapException,
                                RealmModel realm)
```
    Called when LDAP authentication of specified user fails. If any mapper returns true from this method, AuthenticationException won't be rethrown!
    
    Parameters:
    
    user -
    
    ldapUser -
    
    ldapException -
    
    Returns:
    
    true if mapper processed the AuthenticationException and did some actions based on that. In that case, AuthenticationException won't be rethrown!

Interface LDAPStorageMapper

Method Summary

Methods inherited from interface org.keycloak.provider.Provider

Method Detail

syncDataFromFederationProviderToKeycloak

syncDataFromKeycloakToFederationProvider

getGroupMembers

onImportUserFromLDAP

onRegisterUserToLDAP

proxy

beforeLDAPQuery

onAuthenticationFailure