public class LDAPIdentityStore extends Object implements IdentityStore

Constructor and Description |
---|
LDAPIdentityStore(KeycloakSession session, LDAPConfig config) |

Modifier and Type | Method and Description |
---|---|
void | add(LDAPObject ldapObject): Persists the specified IdentityType |
void | addMemberToGroup(String groupDn, String memberAttrName, String value): Adds a member to a group. |
protected void | checkRename(LDAPObject ldapObject) |
int | countQueryResults(LDAPQuery identityQuery) |
protected StringBuilder | createIdentityTypeSearchFilter(LDAPQuery identityQuery) |
protected BasicAttributes | extractAttributesForSaving(LDAPObject ldapObject, boolean isCreate) |
List<LDAPObject> | fetchQueryResults(LDAPQuery identityQuery) |
LDAPConfig | getConfig(): Returns the configuration for this IdentityStore instance |
protected String | getEntryIdentifier(LDAPObject ldapObject) |
Set<LDAPCapabilityRepresentation> | queryServerCapabilities(): Query the LDAP server RootDSE and extract the LDAPCapabilityRepresentation of all supported extensions, controls and features the server announces. |
void | remove(LDAPObject ldapObject): Removes the specified IdentityType |
void | removeMemberFromGroup(String groupDn, String memberAttrName, String value): Removes a member from a group. |
void | update(LDAPObject ldapObject): Updates the specified IdentityType |
void | updatePassword(LDAPObject user, String password, LDAPOperationDecorator passwordUpdateDecorator): Updates the specified credential value. |
void | validatePassword(LDAPObject user, String password): Validates the specified credentials. |

public LDAPIdentityStore(KeycloakSession session, LDAPConfig config)

public LDAPConfig getConfig()
Returns the configuration for this IdentityStore instance
Specified by: getConfig in interface IdentityStore

public void add(LDAPObject ldapObject)
Persists the specified IdentityType
Specified by: add in interface IdentityStore

public void addMemberToGroup(String groupDn, String memberAttrName, String value)
Adds a member to a group.
Specified by: addMemberToGroup in interface IdentityStore
Parameters:
groupDn - The DN of the group object
memberAttrName - The member attribute name
value - The value (it can be uid or dn depending on the group type)

public void removeMemberFromGroup(String groupDn, String memberAttrName, String value)
Removes a member from a group.
Specified by: removeMemberFromGroup in interface IdentityStore
Parameters:
groupDn - The DN of the group object
memberAttrName - The member attribute name
value - The value (it can be uid or dn depending on the group type)

public void update(LDAPObject ldapObject)
Updates the specified IdentityType
Specified by: update in interface IdentityStore

protected void checkRename(LDAPObject ldapObject)

public void remove(LDAPObject ldapObject)
Removes the specified IdentityType
Specified by: remove in interface IdentityStore

public List<LDAPObject> fetchQueryResults(LDAPQuery identityQuery)
Specified by: fetchQueryResults in interface IdentityStore

public int countQueryResults(LDAPQuery identityQuery)
Specified by: countQueryResults in interface IdentityStore

public Set<LDAPCapabilityRepresentation> queryServerCapabilities()
Query the LDAP server RootDSE and extract the LDAPCapabilityRepresentation of all supported extensions, controls and features the server announces. The LDAP Wiki provides a list of known capabilities.
Will throw a ModelException on any LDAP error, or when the searchResult is empty.
Specified by: queryServerCapabilities in interface IdentityStore

public void validatePassword(LDAPObject user, String password) throws AuthenticationException
Validates the specified credentials.
Specified by: validatePassword in interface IdentityStore
Parameters:
user - Keycloak user
password - LDAP password
Throws:
AuthenticationException - if authentication is not successful

public void updatePassword(LDAPObject user, String password, LDAPOperationDecorator passwordUpdateDecorator)
Updates the specified credential value.
Specified by: updatePassword in interface IdentityStore
Parameters:
user - Keycloak user
password - LDAP password
passwordUpdateDecorator - Callback to be executed before/after password update. Can be null

protected StringBuilder createIdentityTypeSearchFilter(LDAPQuery identityQuery)

protected BasicAttributes extractAttributesForSaving(LDAPObject ldapObject, boolean isCreate)

protected String getEntryIdentifier(LDAPObject ldapObject)

Copyright © 2021 JBoss by Red Hat. All rights reserved.